Computer Hope
Software => Computer viruses and spyware => Topic started by: ArtVandalay7 on April 01, 2009, 08:18:45 AM
-
I suspect I may have a virus but need some help please. The screen now flickers twice each time on startup and I now have problems with the computer freezing up unexpectedly. I have McAfee running, also have run adaware and spybot, malwarebytes, secunia. Running these apps has also caused freezeups though and I have had to run them in safe mode although none of them have found anything when I do so. Also checked for Conficker in safe mode and was negative. Help please, any suggestions/thoughts? Thanks for any help!
-
That dont mean that you dont have it, but it seems that you did without doubt got hit. If you have a san disc put avast on it then run it in the infected machine.
-
thanks for the reply...sorry, but what's a san disc? I do have a 2gb memory stick...I ran avast in safe mode and it didn't find anything...
-
san disk is a usb flash drive. Not sure what your doing with memory?
-
I have a 2gb flash drive, not memory stick. Run it off the flash drive then?
-
there you go alot of people confuse that. But there two seperate things if it has like the auto run feature in it. Other wise you'll have conflicts, the only reason why I am saing to do this is cause one scanner cant get what another can. Too prevent futher issues as well.
-
I think it's just a plain old 2gb flash drive, nothing fancy. So I should download Avast onto it and then run the application from the flash drive, scanning the laptop hard drive?
-
If that all it is, I would attempt to find another way, if someone comes and helps with this since it does have the lanuchpad then, cause you'll just end up having the installer file to avast on there and when you run it, the possible confliction with avg is rather high.
-
Sorry, not sure if I understand. I have McAfee antivirus, not AVG. My flash drive is a 1 gb Simpletech. How should I proceed?
-
You dont need more than one Anti-Virus Software running, this is bad, can cause freeze ups and such.
Advice:Unistall Ad-aware, and leave MBAM(MalwareBytes) and either leave McAffe or Secunia installed on your computer
-
Sorry, working with several post. You dont have the advantage to run programs from your flash drive from what I know, in other words you be getting the install file to put avast on there rather then the program just install and be able to run with out conflict with mcafee. Its not possible to have two anti-virus cause of this and even if it was still wouldnt be considered. Some one else will hopefully be along to hope address the situation.
-
You dont need more than one Anti-Virus Software running, this is bad, can cause freeze ups and such.
Advice:Unistall Ad-aware, and leave MBAM(MalwareBytes) and either leave McAffe or Secunia installed on your computer
Thanks, Man. Did what I could on my behalf.
-
No problem ;)
And besides with all of those running at once, it probably takes a big toll on his CPU
-
Ok, done. I started with just McAfee on the computer which I am now back to but added these others in the last 24hours trying to find the virus...
-
That is a good point as well but asumed that it was like 3 ghz or somthing. Well you shouled be able to take it from here then. Just was attempting an easier way if you get it.
-
Again, thanks to everyone for taking the time to try to help. Mcafee on, uninstalled adaware and securia. Is there another way to eliminate this virus since my 2gb flash drive won't be of help?
-
you could try HijackThis, then post the logs from it.
-
Ok, thanks. Can I post the results here?
-
Sure, just post as an attachment
-
Ok, thanks again.
[attachment deleted by admin]
-
Did I attach the right file? Thanks!
-
yeah, he probably had looked at it.
-
Ok, hopefully it has a clue as to what's on my computer and how to get it off...
-
hopefully, for you
-
ok now, im looking at it and gonna run through it.
-
Ok, I found a Gopher in the log and you will want to fix the following item(If on the list):
O13 - Gopher Prefix:
Hope this helps
,Nick(macdad-)
-
Ok, I fixed it in the program...I'll try a reboot and see if it flashes at startup like before...thanks again for taking the time to help--it's very much appreciated!!!
-
I restarted but it still flashes to black X 2 on startup...think there's still a problem...
-
Is it just flashing black twice on startup? Because that is normal for Vista.
-
It is Vista, but I don't remember that happening before I think the computer got infected with the virus...is that gopher a product of a virus infection and should getting rid of it definitively solve the problem do you think? I'm going to try another malware scan and see if that freezes up the computer again...
-
O13 - Gopher Prefix: is normal on Vista computers. Removing it is up to you.
Use the Kaspersky Lab Online Scanner (http://www.kaspersky.com/virusscanner)
In Microsoft Windows Vista, you must open the Web browser using the Run as Administrator command. From the Desktop right click the icon to open the browser and choose Run as Administrator.
- Click on SCAN NOW
- Click Accept.
- The program will then begin downloading the latest definition files.
- Once the files have been downloaded locate the Scan Settings and have it scan My Computer.
- The scan will take a while, so be patient and let it finish.
When the scan is done, in the Scan is complete window, any infection is displayed.
There is no option to clean/disinfect, however, we need to analyze the information on the report.
To obtain the report:
Click on: Save Report As- Next, in the Save as prompt, Save in area, select: Desktop.
- In the File name area use KScan, or something similar.
- In Save as type: click the drop arrow and select: Text file [*.txt]
- Then, click: Save
(http://i154.photobucket.com/albums/s258/evilfantasy69/Kas-Savetxt.gif)
Copy and paste the Kaspersky Online Scanner Report in your next reply.
Note for Internet Explorer 7 and 8 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.
If needed, this animation (http://img505.imageshack.us/my.php?image=kassm9.gif) will guide you through the process.
-
Thanks! I ran the Kaspersky scan but it didn't find anything (nothing in the scan report)...Computer just froze up again and required 2 attempts to reboot to get it back on...
-
Thanks Evil, i was kinda running into corners ;)
-
Thanks Evil, i was kinda running into corners ;)
No problem.
It;'s likely not a malware issue.
-
scan result attached. FWIW, the problem seems to have occurred after one of the online adbots started to detect viruses on my computer and I had to close the browser to get rid of it...
[attachment deleted by admin]
-
online adbots
Well you appear to have luckily escaped.
WOT will help you avoid that from happening again.
I suggest using WOT - Web of Trust (http://www.mywot.com/). WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.
SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html) - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* (http://www.bleepingcomputer.com/tutorials/tutorial49.html)Using SpywareBlaster to protect your computer from Spyware and Malware (http://www.bleepingcomputer.com/forums/tutorial49.html)
* If you don't know what ActiveX controls are, see here (http://www.webopedia.com/TERM/A/ActiveX_control.html)
----------
Use the Secunia Software Inspector (http://secunia.com/software_inspector) to check for out of date software.
- Click Start Now
- Check the box next to Enable thorough system inspection.
- Click Start
- Allow the scan to finish and scroll down to see if any updates are needed.
- Update anything listed.
.
----------
Go to Microsoft Windows Update (http://windowsupdate.microsoft.com/) and get all critical updates.
----------
Check out Keeping Yourself Safe On The Web (http://evilfantasy.wordpress.com/2008/05/20/keeping-yourself-safe-on-the-web/) for tips and free tools to help keep you safe in the future.
Also see Slow Computer? It May Not Be Malware (http://evilfantasy.wordpress.com/2008/05/24/slow-computer-it-may-not-be-malware/) for free cleaning/maintenance tools to help keep your computer running smooth.
-
oooh! And AdBlockPlus, that's a great add-in!
-
I was using adaware and spybot in addition to McAfee before I think I may have picked up a virus, etc. Do you think I escaped? These occasional freezeups didn't happen before and I didn't think the screen flashed so dramatically at each startup but maybe I'm mistaken. If so, whew and I'll add those programs instead of the aforementioned ones I used before...
-
Ad-aware and Spybot are not as powerful as MalwareBytes and SUPERAntiSpyware.
Also use this.
SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html) - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* (http://www.bleepingcomputer.com/tutorials/tutorial49.html)Using SpywareBlaster to protect your computer from Spyware and Malware (http://www.bleepingcomputer.com/forums/tutorial49.html)
* If you don't know what ActiveX controls are, see here (http://www.webopedia.com/TERM/A/ActiveX_control.html)
-
gotcha, will do. What do you think, since the Kaspersky scan was clean, does that mean that I'm virus-free?
-
You appear to have luckily escaped.
-
I don't know, the computer is still freezing up and requiring 2 hard reboots to get it going again when it does...seems like something is still not right...
-
Download ComboFix© by sUBs from one of the below links. Be sure top save it to the Desktop.
Link #1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link #2 (http://subs.geekstogo.com/ComboFix.exe)
**Note: It is important that it is saved directly to your Desktop
Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.
Temporarily disable your antivirus, and any antispyware real time protection before performing a scan. Click this link (http://www.bleepingcomputer.com/forums/topic114351.html) to see a list of security programs that should be disabled and how to disable them.
Double click combofix.exe & follow the prompts.
When finished ComboFix will produce a log for you.
Post the ComboFix log in your next reply.
Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.
Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.
If you have problems with ComboFix usage, see How to use ComboFix (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)
-
here's the combofix output...thanks
[attachment deleted by admin]
-
Please go to Start > Run and copy/paste the following, then press Enter:
C:\QooBox\Add-Remove Programs.txt
A text file should open. Please post the contents of that file in your next reply.
-
I'm glad that I got you guys to jump in. Seems that things had gotin really nasty any how.
-
not sure what that last post is referring to...anyway, here is the qoobox output data. Again, thanks for any help, it's much appreciated!
[attachment deleted by admin]
-
Everything looks Ok. How is the computer running now?
-
Thanks evil. It runs mostly ok I think; however, still with some slowdowns/freezeups that didn't seem to occur beforehand...anyway, if it doesn't seem to be virus-related that's reassuring that things won't get worse at least...
-
Try some cleanup and then see how it is.
- Click START then RUN
- Now type Combofix /u in the runbox
- Make sure there's a space between Combofix and /u
- Then hit Enter.
.
.
The above procedure will:- Delete: ComboFix and its associated files and folders.
- Reset the clock settings.
- Hide file extensions, if required.
- Hide System/Hidden files, if required.
- Set a new, clean Restore Point.
.
----------
Download OTMoveIt3 by OldTimer OTMoveIt3.exe (http://download.bleepingcomputer.com/oldtimer/OTMoveIt3.exe) and place it on your desktop. (unless you already have it installed)
1. Double click OTMoveIt3.exe to launch it.
Vista users right click and choose Run As Administrator
2. Click on the CleanUp! button.
3. OTMoveIt2 will download a list from the Internet, if your firewall or other defensive programs alerts you, allow it access.
4. Click YES at the next prompt (list downloaded, Do you want to begin cleanup process?)
5. Once complete exit out of OTMoveIt3
----------
I would also recommend that you Defrag the computer. There may be a lot of fragmented sections on the drive after cleaning the malware.
You can use the built in Windows Defrag or a faster FREE program. Defraggler (http://www.defraggler.com/) is very effective and easy to use. Be sure to clean out temp files and restart the computer just before using this.
----------
Use the Secunia Software Inspector (http://secunia.com/software_inspector) to check for out of date software.
- Click Start Now
- Check the box next to Enable thorough system inspection.
- Click Start
- Allow the scan to finish and scroll down to see if any updates are needed.
- Update anything listed.
.
----------
Go to Microsoft Windows Update (http://windowsupdate.microsoft.com/) and get all critical updates.
----------
I suggest using WOT - Web of Trust (http://www.mywot.com/). WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.
SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html) - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* (http://www.bleepingcomputer.com/tutorials/tutorial49.html)Using SpywareBlaster to protect your computer from Spyware and Malware (http://www.bleepingcomputer.com/forums/tutorial49.html)
* If you don't know what ActiveX controls are, see here (http://www.webopedia.com/TERM/A/ActiveX_control.html)
Check out Keeping Yourself Safe On The Web (http://evilfantasy.wordpress.com/2008/05/20/keeping-yourself-safe-on-the-web/) for tips and free tools to help keep you safe in the future.
Also see Slow Computer? It May Not Be Malware (http://evilfantasy.wordpress.com/2008/05/24/slow-computer-it-may-not-be-malware/) for free cleaning/maintenance tools to help keep your computer running smooth.
-
I ment that it got out of hand and I wouldnt have been much help. I see that it is resolveing rather fast though. ;D
-
I'll get started on that tonight...hey evil thanks again for the help, great advice!!!