Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Fake alert malware problem

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Fake alert malware problem

Unread postby rockspaz » February 27th, 2010, 8:46 pm

Cypher,

I ran HijackThis and followed directions but it did not fix "O18 - Protocol: skype4com - (no CLSID) - (no file)" It is still there.

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=e4b2dc08828d5c48ba319c6742c4e7f2
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-02-28 12:14:32
# local_time=2010-02-27 07:14:32 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=5121 16776893 100 96 0 19316626 0 0
# compatibility_mode=5892 16776574 100 100 17330695 103915430 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=218408
# found=0
# cleaned=0
# scan_time=8170
rockspaz
Regular Member
 
Posts: 48
Joined: February 17th, 2010, 5:19 pm
Advertisement
Register to Remove

Re: Fake alert malware problem

Unread postby rockspaz » February 27th, 2010, 8:50 pm

Cypher,

I did not get the option to uninstall ESET. The computer screen went into sleep mode and blacked out and I did not want to touch anything while it was running. I waited until the scan was finished but there was no screen where I could click on Finish. I'm hoping the scan ran O.K.
rockspaz
Regular Member
 
Posts: 48
Joined: February 17th, 2010, 5:19 pm

Re: Fake alert malware problem

Unread postby Cypher » February 28th, 2010, 6:53 am

Hi rockspaz.
I'm hoping the scan ran O.K.

It ran fine good work :)
How is your PC performing any problems?


Viewpoint Software Advice:

This is just to make you aware of the nature of the aforementioned applications.
Though not exactly classed as malware they do have some undersirible characteristics.
For more information see Here
However there is no point uninstalling it, as the AIM 6 application you have installed, next time used will download/install the aforementioned again with out your knowledge. Isn't that nice of AOL and their applications. :banghead:



Ok one final check with Malwarebytes Anti-Malware.

  • Launch the application, Check for Updates >> Perform Quick Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Logs/Information to Post in your Next Reply

  • Malwarebytes log.
  • Please give me an update on your computers performance.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Fake alert malware problem

Unread postby rockspaz » February 28th, 2010, 10:19 am

I notice that Internet Explorer is saying that protected mode is turned off for the local intranet zone. I'm still getting the crashes that occur at least once a day (like when I tried to run GMER). In the past, my hard drive failed and it was still under warranty and HP took it back and replaced the hard drive. Since then, the crashes have been occurring. When I would click on find a solution, it would say something like Raid driver is not correct but when I tried to get the correct one it didn't make a difference. I don't know if it's just a hardware issue or a virus issue. Now, when it crashes and I click on "find a solution", it doesn't show why.


Malwarebytes' Anti-Malware 1.44
Database version: 3805
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

2/28/2010 9:07:40 AM
mbam-log-2010-02-28 (09-07-40).txt

Scan type: Quick Scan
Objects scanned: 108193
Time elapsed: 10 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
rockspaz
Regular Member
 
Posts: 48
Joined: February 17th, 2010, 5:19 pm

Re: Fake alert malware problemrockspaz

Unread postby Cypher » February 28th, 2010, 11:23 am

Hi rockspaz.
Your last set of logs are clean lets try this.


Check Hard Disk For Errors:

Press Click on Start > All programs > Accessories > Run, then copy/paste the following command into the box and press OK:
cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"
A blank command window will open on your desktop, then close in a few minutes. This is normal.
A file icon named checkhd.txt should appear on your Desktop. Please post the contents of this file.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Fake alert malware problem

Unread postby rockspaz » February 28th, 2010, 11:33 am

The type of the file system is NTFS.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
File verification completed.
569 large file records processed.

0 bad file records processed.

0 EA records processed.

60 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...
Index verification completed.
0 unindexed files processed.

CHKDSK is verifying security descriptors (stage 3 of 3)...
Security descriptor verification completed.
31162 data files processed.

CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
Windows has checked the file system and found no problems.

144231538 KB total disk space.
78143028 KB in 180595 files.
91936 KB in 31163 indexes.
0 KB in bad sectors.
271670 KB in use by the system.
4096 KB occupied by the log file.
65724904 KB available on disk.

4096 bytes in each allocation unit.
36057884 total allocation units on disk.
16431226 allocation units available on disk.
rockspaz
Regular Member
 
Posts: 48
Joined: February 17th, 2010, 5:19 pm

Re: Fake alert malware problem

Unread postby Cypher » February 28th, 2010, 11:39 am

Hi rockspaz
Your CHKDSK log looks good so your HD is fine

The problems you are still experiencing are not coming from malware as all of your latest logs have come back clean.

When I am faced with this type of problem I go to these sites below. I have asked for help there myself and they have always been able to solve my problems.

Tech support guy


And

What the tech


So as I said above your logs are clean, I hope you can resolve your other problem with the links that I provided.



This is my general post for when your logs show no more signs of malware.

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:


Clean up with OTM

  • Double-click OTM.exe to start the program, This tool will remove all the tools we used to clean your pc.
  • Close all other programs apart from OTMoveIt3 as this step will require a reboot
  • On the OTM main screen, press the CleanUp! button
  • Say Yes to the prompt and then allow the program to reboot your computer.

You can now delete any tools we used if they remain on your Desktop.

Next.

Create a new, clean System Restore point

  • Click Start, Right Click on Computer, and select Properties.
  • In the left pane, click System Protection > Creat.
  • Give this restore point a descriptive name and click Create.
  • Click Apply and OK.

Note: Do not clear infected/old System Restore points before creating a new System Restore point first!

Flush infected System Restore points

  • Click Start, Right Click on Computer, and select Properties.
  • In the left pane, click System Protection.
  • untick the box labeled Vista C: an click Turn off system restore.
  • Click Apply and OK.
  • Restart your computer.

Protection Programs
Don't forget to re-enable any protection programs we disabled during your fix.

Now we needed to deal with security vulnerabilities

Install internet explorer 8

You can find information and install IE 8 from Here

Update Firefox

  • Your version of Firefox is outdated.
  • In the Firefox browser click Help > Check for updates to install the latest version.

Here are some free programs I recommend that could help you improve your computer's security.

Install Sitehound
SiteHound is a toolbar for Microsoft Internet Explorer and Mozilla Firefox which alerts you if you're about to enter a potentially dangerous website.
You can find more information and download it from Here

Install WinPatrol
As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
For more information, please visit HERE

MVPS Hosts

Install MVPS Hosts File From Here
The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
You can Find the Tutorial HERE

Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check

Microsoft Windows Update
Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Install the updates immediately if they are found.
To update Windows
Go to Start > All Programs > Windows Update > Check for updates.
To update Office
Open up any Office program.
Go to Help > Check for Updates

Read some information HERE On how to prevent Malware

Is your pc running slow?
Read What to do if your Computer is running slowly

I would be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.

Safe surfing!
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Fake alert malware problem

Unread postby rockspaz » February 28th, 2010, 12:31 pm

Cypher,

I'm so grateful for your help and guidance. You guys are truly super heroes.

I wish there was a way to stop the bad guys that are sending out all of these nasties to foul up peoples computers. It would be nice is there was a way to draw them in the way Paulinus drew in Boudica at the vulnerable point of our choice. Then the nasties could be sent right back to them to where it would expose their identity and block them from sending anything else. Oh, well. One can dream.

Thank you, thank you , thank you!
rockspaz
Regular Member
 
Posts: 48
Joined: February 17th, 2010, 5:19 pm

Re: Fake alert malware problem

Unread postby Cypher » February 28th, 2010, 12:46 pm

Hi rockspaz.
You are most welcome :)
Good luck solving your other problem, As you have no other questions i will ask for this topic to be closed, stay safe.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Fake alert malware problem

Unread postby rockspaz » February 28th, 2010, 1:17 pm

Cypher,

Oh, no. I spoke too soon. I updated Firefox but now it will not open. It says it is missing file xul.dll
rockspaz
Regular Member
 
Posts: 48
Joined: February 17th, 2010, 5:19 pm

Re: Fake alert malware problem

Unread postby Cypher » February 28th, 2010, 1:36 pm

Hi rockspaz try this and let me know if it solves the problem.

Reset FireFox:

  • Click on Start > All programs > Accessories > Run.
  • Enter the following command:
    firefox.exe -safe-mode
  • In the open window, select Reset all preferences to default Firefox.
  • Click on Make the changes and restart.
  • After FireFox restarts click on Check for Updates...
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Fake alert malware problem

Unread postby rockspaz » February 28th, 2010, 1:43 pm

Firefox still won't open. It says still says I am missing xul.dll
rockspaz
Regular Member
 
Posts: 48
Joined: February 17th, 2010, 5:19 pm

Re: Fake alert malware problem

Unread postby Cypher » February 28th, 2010, 1:48 pm

Hi rockspaz.
Try reinstalling FireFox.

Uninstall programs
  • Click on Start.
  • All programs.
  • Accessories.
  • Run.
  • In the open text box copy/paste appwiz.cpl Then click Ok.
  • Uninstall the following
Mozilla FireFox


Then go Here to Download and install it again.

Let me know if that worked.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Fake alert malware problem

Unread postby rockspaz » February 28th, 2010, 2:15 pm

I downloaded Firefox 3.6 and that did it. I noticed that when I did the appwiz.cpl that Firefox was showing version 3.5.8 instead of the 3.6 so maybe the update didn't take.
Thanks.

One more thing. You previously had me uninstall Adaware via appwiz.cpl and it no longer shows up there but it is still on my bottom right toolbar and seems to be operational. Do I need to worry about this?
rockspaz
Regular Member
 
Posts: 48
Joined: February 17th, 2010, 5:19 pm

Re: Fake alert malware problem

Unread postby Cypher » February 28th, 2010, 2:24 pm

Good glad to hear you solved the problem.
I had you remove Ad aware as there are better applications like Malwarebytes Anti-Malware :)
If you Right-Click and close or exit the Adaware icon on your toolbar that should get rid of it.
Or if you wish you could install Ad aware again.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 63 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware