I am trying to fix my boyfriend’s mom’s computer… for the second time. I helped her last time (IE: Updated her non-existant anti-virus with Avast Free, did a full scan, and installed Spybot S&D). It appeared that we totally cleaned her computer out but now, whatever it is, is back with a vengence.
First off, a program simply called “Scanner” at some point had installed onto the computer. I deleted it and thought it might solve the problem but it didn’t.
In the Avast virus chest:
Name: EKqkYGiiiokoX.dll
Original Location: C:\Users\Cheryl\AppData\Local\Temp
Virus: Win32:Malware-gen
I scanned the computer with Malwarebytes. I did a quick scan first. 5 items came up and I removed them. The computer restarted before I had the chance to save the log. After I restarted, I decided to run a full scan too. I have tried this atleast 3 times, but it keeps freezing before it gets to finish… and 3 more infected objects keep coming up each time.
I have installed the other logging program OTL and it saved the logs. However, I don’t have the other computer hooked up to my network because I am afraid the malware could somehow infect my network. I also don’t want to copy the files to a disc then to my computer for the same reason.
Am I being too cautious or do you think it will be fine? I believe the logs are the only way I can take a step to fixing whatever this problem is…
Well i can’t rly say,Win32:malware gen could be whatever,i can think from trojan horse to other pieces of malware.If you are afraid you can log in safe mode,the virus won’t affect your network
How to boot into safe mode: http://antivirus.about.com/od/securitytips/ht/safemode.htm
Okay, so Malwarebytes won’t let me run a full scan without freezing. The quick scans don’t pick anything up anymore because I removed 5 files when I did the first quick scan. The full scan freezes with 3 infected objects found.
I did the OTL scan and it only saved the OTL file, not the other file “Extra”.
a tips are do a fullscan with malwarebytes and wait untill its find the first infection than u stop and deleted it and then do untill it stop freze, i did have same problem and its resolved for me!
Thank you. I just did a scan and it came up with 2 objects infected. I stopped the scan, removed them and restarted the computer. I am running another full scan and I will reply with the result.
If you are connected you should update Malwarebytes as you are scanning with database 5363 and latest is 5391
have you tried doing a scan in safe mode ?
They are fully updated when you download. Save to desktop and run from there
They are not installed so no uninstall just drag them to the resycle bin when done
If you read the comment below it says:
Rogue - “Scanner”
My analysis of this file using ThreatExpert brings me to the undeniable conclusion that this rogue is called, “Scanner.” It is a clone of all of the other fake defragmenters.
Thank you both very much, I really hope the problem is solved.
I ran the RKill program and then Malwarebytes. Hopefully the last of it has been deleted but I’m still having problems finishing the full scan. Thankfully, nothing seems to be coming up in the search anymore though.
I ran another Spybot scan and deleted another trojan (Win32.autorun.tmp). It also picked up “FastBrowserSearchToolbar” but it said it wasn’t able to delete it because it might have been in use or something.
I ran another Spybot scan and deleted another trojan (Win32.autorun.tmp). It also picked up "FastBrowserSearchToolbar" but it said it wasn't able to delete it because it might have been in use or something.
Can be false positives ?
You say in your first post that you have OTL, run it and post the log`s then Essexboy can have a look
Not trying to interject here but for what it’s worth, I have found many items doing a FULL scan in 'Safe Mode’that were not apparent otherwise. Also no chance of any other software interferring…for what ever reason. ;D
Please try a Full Scan with MBam in Safe Mode (as pondos suggested)
