Virus Removal help

Status
Not open for further replies.

zrules

My computer got slower. I think it is a virus. I have a HijackThis log. Please help me remove virus/spyware.
 

Attachments

  • Log1.txt
    7.5 KB · Views: 5
I can't see any malware present (note: I am not a malware specialist)

I did find this (still not Malware though)

C:\Program Files\Dell\BAE\BAE.dll
BAE.dll is GoogleAFE (Browser Address Error Redirector) object which is a browser plugin that redirects browser error pages to vendor customized Google search pages, often found on Dell PCs. This is a non-essential program. It is recommended that you remove it from your system to boost up the performance of your IE browser.

If you would like to follow:
Viruses/Spyware/Malware, preliminary removal instructions
https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/

To be certain, that would be better.
 
Can someone double check this? I think I downloaded some file that contains a virus that I used for hacking (yeah, stupid me), and now it screws up my computer performance. For example: some stuff takes so long to open up.
 
First go to add/remove programs through control panel and uninstall anything to do with:
Viewpoint
UberIcon

Combofix
  • Download Combofix to your desktop.
  • Double click combofix.exe & follow the prompts.
  • A window will open with a warning.
  • Type "1" (and Enter) to start the fix.
  • When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log.
Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Combofix is a very powerful tool so please do NOT do anything without instruction.

Combofix will automatically save the log file to C:\combofix.txt

Next post should include combofix.txt and a Hijackthis log from after doing everything else
 
While I was having a look through the log I couldn't seem to see any antivirus stuff. I saw ZoneAlarm but that was it; did I miss something?
 
well, or just don't download suspicious files, which I am not going to do ever again.

OK, now I really need some professional help. My IE explorer opens 2 min after I clicked on it after everything is loaded when I start up the computer. It is definitely a sign of virus/spyware/malware.
 
Thank you for your advice, but I truly think it is a virus and spyware that caused the problem. Actually, other programs run very slow too. I need BlindDragon to help or some other professionals!

I changed HJT.exe to Crusty.exe so that malware could be found. Here is the log.
 
ok

well I had a look through your HJT log anyway!

Even though all those Dell service startups aren't malware, I'd still disable them.
Plus a lot of others
This will help your computer's performance

I won't annoy you any longer.
 
I am not saying you are annoying, I just need some real help. I said thank you too.
Anyways, I will delete these Dell service startups.
 
If you are going to download stuff at all, i.e. using P2P such as,

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)

Get an ANTIVIRUS. You have just proved that you really need it, and it won't cost you anything.
 
lol, the problem is, since my computer is mad slow now, installing these antivirus programs is a pain in the ***. It takes so long to load up and it freezes.
 
Kimsland is a professional in my opinion.

Start Hijackthis and Do a System Scan only then put a check next to the following:
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)


These 2 are maybes. They are used for some games like Battlefield and America's Army; if you remove them they will screw up gameplay. They are generally detected as malware, but if you play those games do NOT remove them. If you don't play those games go ahead and check them also:
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe


Then select Fix Checked

I'm just now going to look at the combofix log.

Update your Java Runtime Environment
  • Click the following link
    Java Runtime Environment 6 Update 4
  • The 4th option down is the one you want
  • After the download locate and double click the installer jre-6u4-windows-i586-p-iftw.exe
  • Go to Start-> Control Panel-> add/remove programs (Programs and features), and uninstall any old versions in your case Java 6 Update 3
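
The HijackThis entries quoted in the post above, run through a small triage script. This is an added example, not part of the original thread or of HijackThis itself: the function names and the "Running processes:" header line are constructed for illustration, and the entry lines are copied from this thread. It separates orphaned entries (marked "(file missing)") from services listed with "Unknown owner", which need a manual decision.

```python
import re

# HijackThis section codes for the entry types quoted in this thread.
SECTIONS = {"O2": "Browser Helper Object",
            "O9": "IE extra button / Tools menu item",
            "O23": "Windows service"}
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
MISSING = "(file missing)"

def parse_entry(line):
    """Parse one log line; return None for headers and other non-entry lines."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    body = m.group("body")
    missing = body.endswith(MISSING)
    if missing:
        body = body[:-len(MISSING)].rstrip()
    fields = body.split(" - ")
    clsid = CLSID_RE.search(body)
    return {"code": m.group("code"),
            "kind": SECTIONS.get(m.group("code"), "other"),
            "label": fields[0],
            "clsid": clsid.group(0) if clsid else None,
            "target": fields[-1],
            "file_missing": missing,
            "unknown_owner": "Unknown owner" in fields[1:-1]}

def triage(lines):
    """Return (orphaned, review): dangling entries vs. services to judge by hand."""
    orphaned, review = [], []
    for entry in filter(None, map(parse_entry, lines)):
        if entry["file_missing"]:
            orphaned.append(entry)   # registry entry points at a file that is gone
        elif entry["unknown_owner"]:
            review.append(entry)     # keep or remove depends on what the user runs
    return orphaned, review

# Sample input: the header line is constructed; the entries are from this thread.
SAMPLE = [
    "Running processes:",
    r"O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (file missing)",
    r"O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)",
    r"O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe",
    r"O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe",
]

if __name__ == "__main__":
    orphaned, review = triage(SAMPLE)
    for e in orphaned:
        print("orphaned:", e["code"], e["label"], "->", e["target"])
    for e in review:
        print("review:  ", e["code"], e["label"], "->", e["target"])
```
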
 
Blind Dragon is right, kimsland is REALLY good at this, you should listen to what he has to say.
 
OK, here are the logs. I know you did not ask me to post them, but I did anyways.

What is ironic is that when I turned off ZoneAlarm, everything is blazing fast. I don't know why and what is the cause of that.
 
AVG Anti Spyware
  • Download and install the latest version of AVG Anti Spyware
  • Click Save File on the box that pops up after clicking the link
  • The AVG installer will download to your desktop, Double click on this Icon
  • In the installer Click Next, I agree, Next, Install, after it extracts the files, check box to launch AVGAS then Finish
  • With the program launched, Select the Icon at the top that says UPDATE then Start Update in the left pane
  • Now select the Icon at the top that says SHIELD then at the top of the left pane change "Resident Shield is ..." from Active to Inactive

Boot into Safe Mode (you may want to write this down)
  • Now select the Icon at the top that says SCANNER
  • Then select the Settings tab; in the first section, "How to act?", click on Recommended actions and change it to Delete. In the Reports section make sure it is set to Automatically generate report after every scan
  • Click back to the Scan tab and select Complete System Scan
  • Finally, after the scan, select the Infections Icon at the top, click Select All at the bottom then Remove finally also at the bottom

attach the report here
 
ok, thank you very much, will try it out later.

well the scan did not find any infections, so I do not have a report. What is the next step?
 
Your logs look clean I just wanted to be sure.

Go to add/remove programs and make sure you uninstalled java 6 update 3

Go to www.update.microsoft.com and make sure you aren't missing any updates

Are you having any more problems?


Spybot Search and Destroy
  • Download and install the latest version of Spybot - Search & Destroy (currently 1.5.2). (If you already have this version, please open it, update, immunize, and Check for problems under Search and Destroy.)
  • When you have downloaded the program, double click on the downloaded file to start the installation. Follow the default selections, agreeing to the user agreements, and pressing the Next button until you get to the Select Additional Tasks screen.
  • Make sure that the last entry ("Use system settings protection (Tea Timer)") is NOT checked.
  • Press the Next button and then the Install button to start the installation process
  • Check Run Spybot S&D press Finish. Spybot - S&D will now start
  • The first screen asks if you want to backup your registry in order to be able to restore from it in the future. This can cause no harm, so it is a worthwhile task to do. You should click on the Create registry backup button
  • Click on the Search for updates button. If updates are available then select the Download all available updates button
  • When the updates are installed click on the Next button
  • You should now click on the Immunize this system button. When it finishes click on Next button
  • Then click on the button labeled Start using this program to begin using Spybot - Search & Destroy
  • For help with any problems please see this guide Spybot tutorial

You can also speed up performance with Spybot S&D. Go to Mode and select Advanced, then expand Tools in the left pane, then double-click System Startup and uncheck items that don't need to be started every time you turn on your computer. If you don't know what something is, you can post here or Google it. Don't uncheck anything in green.
 
OK, I think my computer is now A-OK. Thanks for your support, guys.
P.S. I uninstalled ZoneAlarm and reinstalled it again. It is now faster.
 