Spyware & Anitvirus installed and now web doesnt work pc hangs

By scotted
Nov 13, 2007
Topic Status:
Not open for further replies.
  1. Hi

    I have just joined techspot today as I am totally at a loss of what to do aout my pc which has developed a bit of an attitude problem like a moody spoilt little child. This obviously stems from my exceptionally bad parenting skills of which I have no excuse except to say that I am not too computer literate.

    I will do my best to post below the story of what has occured,what I have done to try and fix it (or make it worse) and the also post somne of the log files I have got.

    It all started a couple of weeks ago when I realised that my pc was insecure as I had let my antivirus & firewall subscription run out.I had downloaded a spyware program (Spybot search and destroy whch told me that I had some issues to fix) I therefore went out and updated my Zonealarm firewall subs and decided to invest in the Bitdefender 2008 antivirus program.

    Over the course of the bext week or so I began to have issues with my web browsers (internet explorer,Firefox & Opera) All I was getting was "page cannot be displayed,cannot find server or DNS error)

    What I didnt know was if this was a problem wth a virus,malware,spyware or just me messing something up.Sine then I have restored the system to an earlier date and the problem was fixed for an hour or two and then the connectivity issue came up again.

    I have run the following on my pc to determine what is wrong or hopefully get rid of nasties but the issue is still around

    RegistryFix
    AVG Antispyware
    Spyware Blaster
    AdAware 2007
    Spybot Search & Destroy
    Bit Defender 2008
    Zonealarm
    Silent Runners
    SmitFraudFix (wouldnt run on my pc,just hung)
    Ccleaner
    ComboFix
    HijackThis
    IESpyad
    MVPS Hosts
    VundoFix
    VirtumundoBeGone

    I will attach the HiJackThis log and a few others in the hope that someone out there can please help me out as my wife is getting very upset with me using "her" laptop all the time. Please let me know what other logs you require and I can post these as well

    Thanks very much
  2. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +17

    Hello and welcome to Techspot.

    Your system is infected with a variety of malware.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as Attachments into this thread, only after doing the above.

    Also, let me know the results of the Panda Antirootkit scan.

    Regards Howard :wave: :wave:

    This thread is for the use of scotted only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  3. scotted

    scotted Newcomer, in training Topic Starter

    Thanks for the welcome Howard and for the link to the Viruses/Spyware/Malware,preliminary removal instructions. I had read and followed all these instructions prior to actually posting on techspot, but unfortunately forgot to mention this in my previous post. (sorry about that) So rather worryingly the HJT & Combofix logs are good and up to date.The AVG Antispyware did not find any problems and Panda Antirootkit returned no issues.

    Thanks for the help

    Scott
  4. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +17

    I wasn`t aware of that, in that case, please post fresh HJT and Combofix logs.

    Regards Howard :)

    This thread is for the use of scotted only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  5. scotted

    scotted Newcomer, in training Topic Starter

    Hi Howard

    Logs attached

    Thanks
    Scott
  6. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +17

    Open notepad and copy/paste the text in the code box below into it:
    NOTE* make sure to only highlight and copy what is inside the quote box nothing out side of it.
    Also ..

    Pay particular attention to this :-

    Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
    Code:




    Save this as CFScript.txt

    Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.

    [​IMG]

    This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a fresh HJT log.

    Regards Howard :)

    This thread is for the use of scotted only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  7. scotted

    scotted Newcomer, in training Topic Starter

    Hello Howard

    I did as you said and have attached the 2 log files you requested

    Thanks
    Scott
  8. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +17

    All clean.

    Delete the following folder.

    C:\qoobox

    Turn off system restore.(XP/ME only) See how HERE.

    Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.


    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of scotted only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  9. scotted

    scotted Newcomer, in training Topic Starter

    Thanks Howard. You have been a great help

    Scott

    This thread is now closed: If you need this thread unlocking, please pm a moderator with a link to the thread.

    Only the original thread starter can do this. Anyone else, will be ignored.
  10. scotted

    scotted Newcomer, in training Topic Starter

    Hi Howard

    I ran bitdefender this evening and have come across a couple of viruses that the program cannot remove

    Trojan Downloads.Adload.AP & Trojan.Virtumod.AD

    Could you please advise what theese are and the best course of action to follow ?


    I also still cannot connect to the web using my other pc and wondered where I can find a good source for resolving DNS errors and also finding out if my host file has an issue ?

    Thanks very much for your help and I have attached my HJT & Combofix logs

    Scott
  11. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +17

    For your connection problem, Try Winsockfix and see if that helps.

    1.) Download WinsockFix.exe. (by: Option^Explicit)
    2.) UnZip WinsockFix.zip (Pay close attention to where the file is extracted to.)
    3.) Run WinsockFix.exe.
    4.) Click the Fix button.

    If that doesn`t help, then start a new thread for that problem in our Storage and Networking forum.

    Now to your problem.

    Both your log files are clean.

    Please can you give details of what exactly Bitdefender is finding, including the file paths and names?

    Regards Howard :)

    This thread is for the use of scotted only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  12. scotted

    scotted Newcomer, in training Topic Starter

    Thanks Howard

    I will run the winsok app and see what happens. I fI have no joy it will be a short little foray across the water to storage and networking.

    I have attached the bitdefender log in txt format which shows the isues detected at the end of the file

    Thanks again

    Scott

    attached this time though..sorry
  13. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +17

    The files BitDefender is finding are all files that are already in quarantine folders. I.E Housecall quarantine and Symantec/Norton quarantine.

    Empty/delete the contents of thos folders and you should be good to go.

    Example.

    C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine<Empty/delete the contents of this folder.

    C:\Documents and Settings\Scott &amp; Mel\.housecall\Quarantine<Empty/delete the contents of this folder.

    Regards Howard :)

    This thread is for the use of scotted only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.