I have a bad case of MALWARE! Please help me!

Hello, My brother was snooping around on a hackfoum and he downloaded some "facebook account stealer" Obviously a fake..

When he opens it next thing that happens was the file disappeared and the computer started acting strangely after a while.

So he shut it down and ran to me.

I tried everything i knew... I ran a full scan of NOD32 did malwarebytes antimalware... also spybot search and destroy... a few tracking cookies and other useless crap was found.

Next thing i know when i turn on my computer today was this:

http://img42.imageshack.us/img42/2438/11392554.jpg
This?

Is something wrong?

edit: The buttons are missing on the box for some reason..

It said Allow change, and Deny change.

I denyed it but it kept on comming back up. So then i just did "remember this setting" and did deny.

I'm pretty sure this is some kind of trojan that the person who made "facebook account hacker" put into my computer and changed the name and icon.

Can you guys please please please help me?

I have work i need to do, i need to order hardwood flooring for my boss and i cannot do it without getting rid of all the malware in the computer. Plus i don't want to know that some creep is watching me work on my stuff...


Please help me, i will be very grateful.

 

Thank you I am downloading it now.

I will Update with results

It said no virus found.

That was a quick scan.

PS: My uncle came over with some CD... it said combofix on it and he ran that...

Not sure if the computer is fixed yet.. How can i be sure? Thanks.

 

download and run Prevx, if still infected, you will know.

 

I suggest you use another, safe computer and download Windows Malicious Software Removal Tool and run it on the infected computer.

If this doesn't help, then on a safe computer again, download Avira Rescue CD. Burn the .iso onto a cd.

Put the cd into the infected computer's drive, restart it and boot on the cd.
Configure the scanner to detect AND rename any suspicious file. When the scan is finished, remove the cd and reboot the infected computer. If it's back to normal running, then search for all .xxx files, and erase them.

By the way, if that file managed to infect the computer, then it's fair to suppose it was not properly protected in the first place. I suggest you change your AV which obviously did not do a good job at preventing the infection. Also try to run on your computer as simple user instead of as admin.

 

The important thing about combofix is the log it generates. That can be used to diagnose you're isssues by a trained malware person at one of the sites JRViejo linked to.
You probably shouldn't be running it if you don't know what is what.

One thing combofix does is list files created in the last 30 days enabling you to narrow down the infection.

Try taking the url of the downloaded prog and let Anubis scan the link.

The most important thing is to get the issue fixed, it could be downloading more malware that is a greater danger.

I'm surprised JR didn't recomend the standard 3. MBAM, SAS and Cure It.

 

Bad advice.

Explanation BleepingComputer:

"Online HijackThis analyzers DO NOT always identify all the malware or all the files properly. They sometimes list legitimate files as bad and bad files as legitimate."

So, unless the user have very advanced computer knowledge, stay far away from these online HJT analyzers. Normally, only experts and trained analyzers are able to interpret HJT log entries in the correct way.

<S>

 

I'm sure Koroush would've returned with questions should the results have been questionable, and the possible backdrop to JR's consistently sound advice. Choosing to omit the second half of his input was choosing not to extend him the benefit of doubt. It's wise for any individual to check poster history before proceeding with advice.

 

How can you be sure that Koroush will interpret the results in a correct way? To me, according to his post the opposite will be valid.

<S>

 

Face it, results good or bad would've been reason enough to return. Lest we forget, he's got work he needs to get done!

 

These guys too JR, w/our own Tony Klein offer an online service as well - http://www.help2go.com/Tutorials/Protect_Your_PC/Help2Go_Detective.html

 

I actually don't understand why you guys never sujested these, but anyway :

please download Superantispyware, install and update
please also download A-squared, install and update

Please let them scan one by one and post back your results.

Please be carefull with A-squared as it can bring back many False Positives.

Thank you

 

Agreeing to disagree.

BTW, please don't try to involve Tony Klein in the discussion, he respect me and I respect him. Simple, isn't?

<S>

 

Your opening comment was fine without finding a way to pollute your post with what followed. His remark held nothing untoward. Furthermore, he was respectful enough to take the time and clarify his reasoning. As far as those concerned, this thread for the time being may as well be closed. It goes nowhere but downhill without continued input from the OP. If he needed to re-open it, he could just as easily pm one of the mods.