Computer Hope

Software => Computer viruses and spyware => Topic started by: harleymedic15 on November 10, 2008, 04:51:57 AM

Title: have virus or spyware unable to remove
Post by: harleymedic15 on November 10, 2008, 04:51:57 AM

My wife ran a virus scan with zonealarm pro and found that we had several virii? on our laptop, we have been unable to remove them so far.  I have followed all the required steps you request prior to receiving the logs. any help would be appreciated.

[Saving space - attachment deleted by admin]

Title: Re: have virus or spyware unable to remove
Post by: Carbon Dudeoxide on November 10, 2008, 06:02:19 AM

Welcome to ComputerHope.

Have you followed steps 3, 4 and 6?
http://www.computerhope.com/forum/index.php/topic,46313.0.html

Title: Re: have virus or spyware unable to remove
Post by: harleymedic15 on November 10, 2008, 11:23:14 PM

here are the other two logs

[Saving space - attachment deleted by admin]

Title: Re: have virus or spyware unable to remove
Post by: harleymedic15 on November 16, 2008, 01:22:31 AM

Have posted all 3 logs.  Hated to bump this post but your response said if i didnt receive any reply after 2 days to feel free to bump the post

Title: Re: have virus or spyware unable to remove
Post by: Carbon Dudeoxide on November 16, 2008, 02:05:45 AM

Ah, sorry about this. We are actually currently having a shortage of Malware Removal Specialists.

I would have a look at HJT log now but after a recent server crash, it appears the two attachments you have attached don't exist anymore.

Would you mind re-attaching them, please.
(If you don't have the logs, just get a new HijackThis log)

Title: Re: have virus or spyware unable to remove
Post by: harleymedic15 on November 17, 2008, 02:22:20 AM

here are the logs again.

[Saving space - attachment deleted by admin]

Title: Re: have virus or spyware unable to remove
Post by: Carbon Dudeoxide on November 17, 2008, 03:28:31 AM

Ok, your computer is infected.

I think we should let the Malware Specialists handle it from here. ;)

Title: Re: have virus or spyware unable to remove
Post by: harleymedic15 on November 18, 2008, 08:15:46 PM

ok great.  So do i just wait and they will contact me or do I have to do any thing to contact them? ???

Title: Re: have virus or spyware unable to remove
Post by: Carbon Dudeoxide on November 19, 2008, 06:19:26 AM

They will be along shortly. ;)

Note: Our Malware Specialist team is actually currently a bit understaffed. It may take a while.  :-\

Title: Re: have virus or spyware unable to remove
Post by: CBMatt on November 19, 2008, 07:05:37 AM

Sorry for the long wait.  As Carbon stated, we are understaffed and it can be difficult trying to get through hundreds of posts each week.  Also, I should note that bumping your post will put you at the bottom of the queue because we work on the oldest threads first.  Please read the disclaimer here:
http://www.computerhope.com/forum/index.php/topic,69848.0.html


The scans did well, but you've still got a small infection.  Follow these instructions and we'll hopefully get it taken care of by the end of the day...
Download ComboFix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) and save it to your desktop.  Run the program and read its disclaimer (it's fairly short) and make sure you really pay attention to what it says.  Follow the prompts and when finished, it will produce a log at C:\ComboFix.txt.  Go ahead and post that here along with a new HijackThis log.  Note: Don't click on the window while it's running; this may cause stalls.

Title: Re: have virus or spyware unable to remove
Post by: harleymedic15 on November 19, 2008, 06:48:51 PM

ok, here are the new logs. :-\

[Saving space - attachment deleted by admin]

Title: Re: have virus or spyware unable to remove
Post by: CBMatt on November 20, 2008, 04:39:15 AM

You should download and install SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html).  Update it and enable all protection.  Once you have done that, you can close the program.

Interesting...your computer looks clean now.  Have you performed any additional scans since the last time you posted logs?  The infection you had before appears to be gone, but it wasn't removed by the ComboFix scan.  Perhaps your ZoneAlarm managed to pick it up.

And speaking of ZoneAlarm...are you still having issues with it?  When you scan, is it still finding files that you can't remove?  If so, post a copy of the log here and I will try to provide some insight.

Title: Re: have virus or spyware unable to remove
Post by: harleymedic15 on November 24, 2008, 05:40:48 AM

last logs are posted here to see if its clean.  The superantispyware would never stop and had to stop it manually after 24 hours for each log I posted.  No other scans have picked up anything and the zone alarm has not found anything either.  Just wanted one last check to be sure.  Thanks for all the work

Title: Re: have virus or spyware unable to remove
Post by: harleymedic15 on November 24, 2008, 05:43:06 AM

forgot to attach them. here they are

[Saving space - attachment deleted by admin]

Title: Re: have virus or spyware unable to remove
Post by: CBMatt on November 24, 2008, 06:16:28 AM

Well, I'm still not seeing anything malicious in your logs, so I don't suspect an infection.  But like I said in my last post, you should get SpywareBlaster.  And run scans with your anti-virus at least once a week if you can.

You should also uninstall ComboFix.  Go to Start > Run and type in combofix /u (note the space) and click OK.

As for SAS...I can't think of what the problem is.  Some scans will take a long time, but anything over 5 hours is unnatural.  It may be a software issue.  For this particular problem, you may want to ask for advice over on the SAS forum:
http://forums.superantispyware.com/