PDA

View Full Version : I have Malware, Help!



rybear4513
11-12-2008, 10:59 AM
I have the Winweb malware on my Alienware laptop - Service pack 2

Everything I have done here I have done in Safemode and Regularmode

I have tried system restore in safe and regular mode - neither seem to work, I get to the "click next, this may take a moment" after I have selected my restore point and I click next and nothing happens, no matter how many times I click next nothing will happen, no matter how long I wait, but if I hit cancel System restore the window closes right down with no problem.

I have installed ZoneAlarm, A Squared, AVG, and etc...None seem to work. A squared found about 9 threats which I deleted - they were trojans, back door trojans, etc...But still WinWeb runs fine. I did Download Malwarebytes and Spyware Doctor but neither will install.

I have tried searching my hard drive for Winweb and all the different file names that are listed on the internet but none will show search results on my PC. I have also tried the classic CTRL ALT DELETE and ending the process but with 30-40 processes running it is near to impossible to tell which is Winweb because Winweb seems to be disguised.

I am truly stumped - I have a lot of important information on this PC that I need to save.

How much does Geeksquad charge to fix something like this?

I am really trying to avoid reformating my hard drive.

Help is appreciated, thanks!

Curbd
11-12-2008, 11:03 AM
Have you tried Microsoft's malware removal tool (http://www.microsoft.com/security/malwareremove/default.mspx)?
It's a basic step, but if you havn't then I sugggest you try.

What are the symptoms and effects of this malware? I ran a google search but it appears to me as being a program to remove malware??

Best of luck

GameJunkie
11-12-2008, 11:06 AM
download malwarebytes (http://www.malwarebytes.org/) and see if that helps.

cheers

Speedy Gonzales
11-12-2008, 11:06 AM
Disable system restore, reboot, then try malwarebytes again

Try trojan remover below as well. Update it first, scan, then select all options under utilities as well

Speedy Gonzales
11-12-2008, 11:07 AM
download malwarebytes (http://www.malwarebytes.org/) and see if that helps.

cheers

He did, it didnt install

GameJunkie
11-12-2008, 11:09 AM
He did, it didnt install


woops:D

didn't see that in his post, lol

Speedy Gonzales
11-12-2008, 11:14 AM
By the looks of it malwarebytes should remove it

Here (http://www.bleepingcomputer.com/malware-removal/remove-winweb-security)

Disabling system restore may let you install it

Or get ccleaner (www.ccleaner.com) run it, go to tools/startup, then delete the startup entries for it, reboot then try to install malwarebytes

Just make sure the entries in startup, belong to it

rybear4513
11-12-2008, 02:56 PM
Have you tried Microsoft's malware removal tool (http://www.microsoft.com/security/malwareremove/default.mspx)?
It's a basic step, but if you havn't then I sugggest you try.

What are the symptoms and effects of this malware? I ran a google search but it appears to me as being a program to remove malware??

Best of luck

The effect is anytime I try to search the web it will redirect whatever link i click to some spam site

It also seems to have put a a Trojan Downloader and Tracker onto my computer

It freezes my computer often, so really trying to do anything on it is a pain

I'm going to try Disable System Restore to see if that works...I'll let you all know

Thanks

Speedy Gonzales
11-12-2008, 03:00 PM
Its rogue software, it says it removes malware, when in fact it does jack

It installs more crap on your system. Its like Antivirus 2008 / 2009

wainuitech
11-12-2008, 04:04 PM
If the malware is stopping you from going to sites and downloading the removal tools, Click on this (http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe) -- Its a direct download of Malwarebytes, that should come through. Install and run in full scan mode - after disabling System Restore.

Once run, then get Spyware Terminator, as well as Spybot S&D from my sig, install and run as well in full scan mode.

pctek
11-12-2008, 04:13 PM
I have tried system restore in safe and regular mode

I have installed ZoneAlarm, A Squared, AVG, and etc... I did Download Malwarebytes and Spyware Doctor but neither will install.


Turn off System Restore to delete the restore points - they are now infected anyway.

Zone Alarm is a firewall, it won't help. (And yes I know it makes other claims)
AVG - ditto.

Install Malware Bytes in safe mode, also SPybot.
And run Hijackthis first - also in safe mode. Post the log here, Speedy will tell you what to tick.

berryb
11-12-2008, 10:36 PM
This sort of has the same symptoms as this other post. Check my second post here http://pressf1.pcworld.co.nz/showthread.php?t=95434 and see if you have “TDSSserv.sys” installed.

Blam
12-12-2008, 12:27 PM
I have the Winweb malware on my Alienware laptop - Service pack 2

Everything I have done here I have done in Safemode and Regularmode

I have tried system restore in safe and regular mode - neither seem to work, I get to the "click next, this may take a moment" after I have selected my restore point and I click next and nothing happens, no matter how many times I click next nothing will happen, no matter how long I wait, but if I hit cancel System restore the window closes right down with no problem.

I have installed ZoneAlarm, A Squared, AVG, and etc...None seem to work. A squared found about 9 threats which I deleted - they were trojans, back door trojans, etc...But still WinWeb runs fine. I did Download Malwarebytes and Spyware Doctor but neither will install.

I have tried searching my hard drive for Winweb and all the different file names that are listed on the internet but none will show search results on my PC. I have also tried the classic CTRL ALT DELETE and ending the process but with 30-40 processes running it is near to impossible to tell which is Winweb because Winweb seems to be disguised.

I am truly stumped - I have a lot of important information on this PC that I need to save.

How much does Geeksquad charge to fix something like this?

I am really trying to avoid reformating my hard drive.

Help is appreciated, thanks!

If worst comes to worst-then you can boot from an UBCD4win or Knoppix/ubuntu live CD to recover your data. Just make sure you have a big external HDD