Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

my computer's infected please help !

by parachuter2b Nov 5, 2008 12:31AM PST

Hi there,

I think I might have infected my computer two days ago, cos ever since I've been getting random executable files generated in my "...\windows\system32" or "...\Documents and Settings...\Temp\" folder and try to connect to the internet. The first time I was stupid enough to let them connect as Norton Internet Security said they are of low risk.

but I right away killed the process and been ever since blocking them from connecting to the net.
Here's an exmaple of the files names:
a8CnNnLI.exe
they keep on cloning and I keep getting the Norton security alert asking me if I wanna let them connect.
even though i've blocking the connection, I get annoying Internet Explorer pop-ups connecting to gambling sites and run ads. I also get random noises coming out of my speakers!!!

I updated my ad-aware and internet security
and ran a full-scan twice so far, but haven't found anything.

Any suggestion?

ps. I'm afraid of logging in to my bank account. Do you think it's dangerous?

Discussion is locked

4 Posts
- Collapse + Expand Details
- Collapse -
Yep, Try This..
by Grif Thomas Former Forum moderator Nov 5, 2008 1:11AM PST

Stay aware from your bank account until things are cleaned up.. Please try the steps below:

First, ,,,,

Please download Malwarebytes' Anti-Malware from the link below:

http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish,so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.
_____________________

And IF you are not able to download these tools on your machine, please use a friend or family member's computer and download the Malwarebytes tool and it's manual update from the link below.. Once downloaded, rename the program installer "mbam-setup.exe" file to something else like "Gogetum.exe", then copy the installer file and the update file to a CD or flash drive.. Transfer the file to the problem machine, then install the "Gogetum.exe" file, then run the update to get the program current.. After that, run a full system scan and delete anything it finds.

Malwarebytes Download Link (Clicking on the links below will immediately start the download dialogue window.)
http://www.besttechie.net/tools/mbam-setup.exe

Malwarebytes Manual Updater link
http://www.malwarebytes.org/mbam/database/mbam-rules.exe

After doing that, then download the free tool from the link below, install it, update it, then run a full system scan:

SUPERAntispyware Removal Tool

Hope this helps.

Grif

- Collapse -
Good Advice, Can You Help Me Now?
by 50y/o Nov 8, 2008 1:32AM PST

Grif, I'm a newbie to computers and learning as I go, by reading forums such as this. From those such as yourself(cnet moderators/staff), experienced users and others also new to computers and security issues, I've downloaded/installed all my security applications for Free, thanks to Editor and User Reviews. So far I've been fortunate in comprehending most details in using these applications.
I am currently using IE7(not really happy with this browser..any advice on others?)..Windows XP/SP2..CCleaner..SpywareBlaster..Ad-Aware..SpyBot S&D..and Avast AV. Again, Freebies that are highly rated and so far, keeping my computer secure(I Update and Scan weekly).
I downloaded and installed what you suggested to earlier poster here, Malwarebytes' Anti-Malware, for more security against spy/ad/malware yesterday. My question is that after running the initial full scan with Malwarebytes', in which five(5)infections were discovered, I was under the impression from past readings that one should never delete nasties if not sure what they are, but instead Quarantine/Isolate/Put In Chest..etc..until we are sure? Is this true? But my main question, if so true, How Do I put the 5 infestations in Quarantine in the Malwarebytes' Anti-Malware app?
I could not find answer here at CNET nor at Malwarebytes' site. Please forgive me if I intruded in this thread but this was only Subject I could find in relationship to Malwarebytes' Anti-Malware.

Thanks In Advance.

- Collapse -
Re: Malwarebytes Anti-Malware question...
by glenn30 Nov 8, 2008 2:34AM PST

From memory I believe Malwarebytes will automatically place any infections/malware in "Quarantine" from where you can investigate, delete or restore the items as you choose.

I have never found anything other 3 trojans recently quarantined but later found to be false positives... Malwarebytes promptly issued and update correcting the problem... I then restored these from quarantine.

Hope this helps.

Glenn

- Collapse -
Yep, Glenn's Got It..
by Grif Thomas Former Forum moderator Nov 8, 2008 3:47AM PST

See the Malwarebytes forum link below to see that infected files are "Removed" to the Quarantine folder.

http://www.malwarebytes.org/forums/index.php?showtopic=5778

In regards to automatically deleting items, that depends on the items that's found.. I've done this enough that I'm familiar with what IS and what might not be a true infected file. I can usually tell if the file is a "bad" one. Still, there are occasional false positives and as such, it's not a bad idea to keep them in a Quarantine location till you can decide on the effects their deletion is caused.

As to other browsers, there are a number including Firefox & Opera.. Personally, I like the free Firefox browser.. Download it, install it, and give it a try:

http://www.mozilla.com/firefox/

Hope this helps.

Grif

Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info