Possible virus
- Thread starter glhglh
- Start date
- Status
Bobbye
Posts: 16,313 +36
FYI: while the following are all legitimate processes, auto-updates contact the internet numerous times during the day 'looking' for updates- there may be none for months. I suggest you disable these features:
HP Software Update- HPWuSchd2.exe
SunJavaUpdateSched- jusched.exe
TkBellExe- realsched.exe
Google Updater- GoogleUpdaterService.exe
HP Software Update- HPWuSchd2.exe
SunJavaUpdateSched- jusched.exe
TkBellExe- realsched.exe
Google Updater- GoogleUpdaterService.exe
Rescanned and deleted per Bobbye
i rescanned hijackthis after i deleted the following per Bobbye
HP Software Update- HPWuSchd2.exe
SunJavaUpdateSched- jusched.exe
TkBellExe- realsched.exe
Google Updater- GoogleUpdaterService.exe
also, if i remember from acouple of years ago when my wife's computer had problems, the three R1 entries to "go.microsoft" may be problems that are redirecting communications to microsoft. i'm getting old sl i don't know if my memory is correct.
Thank you for taking your time to help.
i rescanned hijackthis after i deleted the following per Bobbye
HP Software Update- HPWuSchd2.exe
SunJavaUpdateSched- jusched.exe
TkBellExe- realsched.exe
Google Updater- GoogleUpdaterService.exe
also, if i remember from acouple of years ago when my wife's computer had problems, the three R1 entries to "go.microsoft" may be problems that are redirecting communications to microsoft. i'm getting old sl i don't know if my memory is correct.
Thank you for taking your time to help.
kritius
Posts: 2,077 +0
I dont really see anything in that log, lets dig a little deeper,
: Download and Run DSS
Download Deckard's System Scanner (DSS) to your Desktop. You must be logged onto an account with administrator privileges.
: Download and Run DSS
Download Deckard's System Scanner (DSS) to your Desktop. You must be logged onto an account with administrator privileges.
- Close all applications and windows.
- Double-click on dss.exe to run it, and follow the prompts.
- When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<- this one will be minimized.
- Attach the main.txt and the extra.txt in your reply.
Maybe we are fixed.
I have attached the Main.txt.
we may not need this. when i started, i could not get this computer to our mail server. now it is OK. the computer is also not redirecting the windows explorer to ads instead of google links. my daughter had this computer in Mexico from march 16th to April 14th. there is where the problems started.
at some time printed process of using the various anti malwell programs, i also restored the computer to a restore point prior to their trip to Mexico. That may have done the trick, but i'm afraid that the problem is still on the computer somehow, but not being loaded. i'll go through the history and try to find anything saved to the computer during that period and delete it.
i accidently closed the advanced.txt, and when i reran dss twice more, the advanced.txt did not run.
I have attached the Main.txt.
we may not need this. when i started, i could not get this computer to our mail server. now it is OK. the computer is also not redirecting the windows explorer to ads instead of google links. my daughter had this computer in Mexico from march 16th to April 14th. there is where the problems started.
at some time printed process of using the various anti malwell programs, i also restored the computer to a restore point prior to their trip to Mexico. That may have done the trick, but i'm afraid that the problem is still on the computer somehow, but not being loaded. i'll go through the history and try to find anything saved to the computer during that period and delete it.
i accidently closed the advanced.txt, and when i reran dss twice more, the advanced.txt did not run.
kritius
Posts: 2,077 +0
Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware to your desktop.
I would like you to do an online scan so that we can what else may be in your system,
Run Kaspersky online scanner
With the exception of Internet Explorer, which must be used for this scan, keep ALL programs closed
Note: It is recommended to disable onboard antivirus program and antispyware programs while performing scans to speed up scan time and to make sure there are no conflicts.
Do not go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable resident antivirus protection along with whatever antispyware application you use.
Do an online scan with Kaspersky Online Scanner in Internet Explorer. You will be prompted to install and run an ActiveX component from Kaspersky, Click Yes.
Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75%. Once the licence accepted, reset to 100%.
Please download Malwarebytes' Anti-Malware to your desktop.
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
- Then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform full scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, and click Remove Selected.
- When completed, a log will open in Notepad. please Attach the log into your next reply.
- If you accidently close it, the log file is saved here and will be named like this: C:\Documents and Settings\<your username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
I would like you to do an online scan so that we can what else may be in your system,
Run Kaspersky online scanner
With the exception of Internet Explorer, which must be used for this scan, keep ALL programs closed
Note: It is recommended to disable onboard antivirus program and antispyware programs while performing scans to speed up scan time and to make sure there are no conflicts.
Do not go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable resident antivirus protection along with whatever antispyware application you use.
Do an online scan with Kaspersky Online Scanner in Internet Explorer. You will be prompted to install and run an ActiveX component from Kaspersky, Click Yes.
Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75%. Once the licence accepted, reset to 100%.
- The program will launch and then start to download the latest definition files.
- Once the scanner is installed and the definitions downloaded, click Next.
- Now click on Scan Settings
- In the scan settings make sure that the following are selected:
o Scan using the following Anti-Virus database:
o Extended (If available, otherwise use standard)
o Scan Options:
o Scan Archives
o Scan Mail Bases - Click OK
- Under select a target to scan, select My Computer
- The scan will take a while so be patient and let it run.
- Please do not use your computer while the scan is running. Once the scan is complete it will display if your system has been infected.
- Click the Save Report As... button (see red arrow below)
- In the Save as... prompt, select Desktop
- In the File name box, name the file
- In the Save as type prompt, select Text file (see below)
- Include the report in your next post.
kritius
Posts: 2,077 +0
Please download the OTMoveIt2 by OldTimer.
- Save it to your desktop.
- Please double-click OTMoveIt2.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
- Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
Code:[kill explorer] C:\Users\Hannah Marie\AppData\Local\VirtualStore\Windows\System32\dmpmo.tmp C:\Users\Hannah Marie\Documents\no purpose\Limewire\New Folder (4)\lauren hannah\little miss sunshine.mp3 C:\Users\Hannah Marie\Documents\no purpose\Limewire\New Folder (4)\limewire 2\New Folder\chainsaw daniel merriweather.mp3/Setup.exe C:\Users\Hannah Marie\Documents\no purpose\Limewire\New Folder (4)\limewire 2\New Folder\leader phantom planet.mp3 purity [start explorer] - Return to OTMoveIt2, right click in the "Paste Standard List of Files/Folders to Move" window (under the light blue bar) and choose Paste.
- Click the red Moveit! button.
- Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
- Close OTMoveIt2
I'm having problems with this step
Kritius,
after following the directions for OTmoveit2 many times, i keep getting the following response each time.
"Invalid time flag! [setup.exe]. Must be numerical."
at this time i exit the program.
the only way to get bace a taskbar is to use control alt delete and reboot.
in the OT directory, there are no log files, but i put the directories it created in the attached log file.
i also use ccleaner to uninstall limewire (i have told my daughter several times over the years not to use this, but... teenagers....
also, during this process, i have tried to look at "documents and settings" directory in "my computer" but get the message "access denied", even when i am logged on as the administrator, and (note this computer is Vista) and if i turn the firewalls off for a short time. i have also tried to change the properties of the file to allow the administrator to make changes, but that is also not allowed.
what do i do next?
Again, thank you for your time, as always.
Kritius,
after following the directions for OTmoveit2 many times, i keep getting the following response each time.
"Invalid time flag! [setup.exe]. Must be numerical."
at this time i exit the program.
the only way to get bace a taskbar is to use control alt delete and reboot.
in the OT directory, there are no log files, but i put the directories it created in the attached log file.
i also use ccleaner to uninstall limewire (i have told my daughter several times over the years not to use this, but... teenagers....
also, during this process, i have tried to look at "documents and settings" directory in "my computer" but get the message "access denied", even when i am logged on as the administrator, and (note this computer is Vista) and if i turn the firewalls off for a short time. i have also tried to change the properties of the file to allow the administrator to make changes, but that is also not allowed.
what do i do next?
Again, thank you for your time, as always.
Are we done with this computer?
Are we done with this computer?
just checking if we are done and i can give this back to my daughter.
also, i want to check my computers, can i send a log on the two computers i use the most. and if so, which log is the best to send?
also thank you for all of your help.
Are we done with this computer?
just checking if we are done and i can give this back to my daughter.
also, i want to check my computers, can i send a log on the two computers i use the most. and if so, which log is the best to send?
also thank you for all of your help.
- Status
Similar threads
Latest posts
-
Apple Vision Pro is facing declining interest and sales among consumers- Zsoltblabla replied
-
Bending metal: The changing server business- Arbie replied
-
Ryzen 7 5800X3D vs. Ryzen 7 7800X3D, Ryzen 9 7900X3D and 7950X3D- Q Wales replied
