Computer Hope
Software => Computer viruses and spyware => Topic started by: geoffnl on July 08, 2008, 04:27:47 AM
-
when I scan my computer nod32 keeps scanning 1 file and doesn't continue the scanning for like 3 hours.
the problem is the file is not on my pc anymore :-[
also a disc cleanup and defragmentation doesnt solve the problem
what should I do ??? ???
Thanks in advance
-
It is possible that you may be infected. Follow the steps outlined here: http://www.computerhope.com/forum/index.php/topic,46313.0.html
and welcome :)
-
What file?
Can you see what it is and post it here?
-
I just ran an other disc cleanup and defragmentation and now it is scanning perfecly fine ;D
I will check if it keeps doing it fine otherwhise I will be back ;)
anyway Thanks for your help ;D ;D
or do I still need to post a scanlog???
-
Post it just to make sure everything is fine...
-
um sorry still one question do I need to post the nod32 log or do i need to download hijackthis and post that log?
Edit: I am following the steps outlined by evilfantasy right now and do I need to post all the logs?
-
Yes.
-
Here are my logs
I hope everything is fine ;D
[recovering disk space -- attachment deleted by admin]
-
*** You need to update Java:
http://java.sun.com/javase/downloads/index.jsp
Java Runtime Environment (JRE) 6 Update 7
Uninstall all previous versions of Java through Add\Remove.
*** Download, and run QuickTime Killer: http://www.softpedia.com/get/System/Launchers-Shutdown-Tools/QuickTime-Killer.shtml
QuickTime Killer will remove QuickTime from start up and kill any running QuickTime processes. This application runs silently at start up and closes itself as soon as it takes care of QuickTime
*** Disable Windows Defender, as it'll interfere with cleaning process:
* Open Windows Defender
* Click Tools
* Click General Settings
* Scroll down to Real Time Protection Options
* Uncheck Turn on Real Time Protection
* After you uncheck this, click on the Save button
* Close Windows Defender
1. Print this post out, since you won't have an access to it, at some point.
2. Close all windows, except for HijackThis.
3. Put a checkmark next to the following HijackThis entries (some entries will be checkmarked to disable unnecessary startups; in those cases [marked with *], no actual program will be removed):
- O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
- O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
- O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
- *O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
- *O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
- *O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
- *O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
- *O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
- *O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
- *O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
- *O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
- *O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
- *O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
- *O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
4. Click on Fix checked button.
5. Restart computer.
6. Post new HijackThis log.
-
*** Download, and run QuickTime Killer: http://www.softpedia.com/get/System/Launchers-Shutdown-Tools/QuickTime-Killer.shtml
QuickTime Killer will remove QuickTime from start up and kill any running QuickTime processes. This application runs silently at start up and closes itself as soon as it takes care of QuickTime
when I am trying to run Quicktime killer then it asks me to install .net framework.
I installed .net framework version 3.5 but the Quicktime killer still asks for it
did I do something wrong ???
-
it asks me to install .net framework
Does it say what version it needs?
-
I got the right version now but why do I need quicktime killer what is wrong with quicktime?
-
This is not really a big issue. QuickTime forces itself to be a startup, while it's totally unnecessary.
Anyway, we won't go an extra mile to play with it.
Please, post new HJT log.
-
sorry for the deley but here is my new HJT log ;D
I hope everything is ok now
Thanks in advance ;D
Edit: I do have to put windows defender back on right ;D
[recovering disk space -- attachment deleted by admin]
-
I can see, that QuickTime Killer installed somehow, and it's running...hmmmmm
Then....
Your computer is clean (http://209.85.48.8/228/109/upload/p3879546.jpg)
1. Download, and install CCleaner: http://www.ccleaner.com/download/builds. Get "Slim" version.
Read CCleaner instruction here: http://www.jahewi.nl/ccleaner/ccleaner.html.
Run CCleaner.
2. Turn off System Restore:
- Windows XP:
1. Click Start.
2. Right-click the My Computer icon, and then click Properties.
3. Click the System Restore tab.
4. Check "Turn off System Restore".
5. Click Apply.
6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
7. Click OK.
- Windows Vista:
1. Click Start.
2. Right-click the Computer icon, and then click Properties.
3. Click on System Protection under the Tasks column on the left side
4. Click on Continue on the "User Account Control" window that pops up
5. Under the System Protection tab, find Available Disks
6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
8. Click OK
3. Restart computer.
4. Turn System Restore on.
5. Download, and install McAfee SiteAdvisor: http://www.siteadvisor.com/download/ff.html. It'll warn you (in most cases) about dangerous web sites.
6. (optional) Download, and install free version of ThreatFire: http://www.threatfire.com/. It'll give you an extra protection against malwares. It won't interfere with your antivirus program
7. Read "So how did I get infected in the first place?": http://www.castlecops.com/postlite7736-.html
8. Let me know, how your computer is doing.
-
I already have CCcleaner installed but I have these settings ( I guess they are good )
http://www.computerhope.com/forum/index.php/topic,22078.0.html
and I will run trough your steps soon ;D
and I will let you know how my pc is doing
( is it also good if I use scans once in a while (SUPERantispiware, Malwarebites))
Thanks alot for your help!!! ;D ;D
-
is it also good if I use scans once in a while (SUPERantispiware, Malwarebites)
Absolutely!
-
Thanks alot for your help
but the link is not working on step 7
7. Read "So how did I get infected in the first place?": http://www.castlecops.com/postlite7736-.html
-
Alternative: http://forums.spybot.info/showthread.php?t=279