Virus

Status
Not open for further replies.

Valerie

Hello There....

I recently ran BitDefender Online Scanner, it identified one virus w/five infected files. The information was the files could not be disinfected or deleted. I attempted to search for the files it provided and did so w/out success. The only information provided by the scan was virus detected Trojan.Generic.71582. Any help would be greatly appreciated. Thanks!
 
as requested

alright, spybot found two problems w/my settings and fixed them both. also, adware results were just a couple of cookies and i removed them.
 
logs

There were no results on the panda root kit. Here are the logs you requested.

Also, ever since I started following the Viruses/Spyware/Malware, preliminary removal instructions every 2-3 minutes I am receiving a pop box that says: a change has been detected in the background page displayed on your desktop. Your new page is (this is actually empty). If this is ok, then click yes or press enter. Click no and we'll restore your page to the default, about home. I keep selecting no but then receive the same exact message again a few minutes later.


Alright, I have been trying to upload the logs w/out success. I keep obtaining an upload error message. The AVG Anti-Spyware had just one tracking cookie which I deleted.
 
i was able to finally download hjt log. i'm still working on the other ones. thanks for your patience.

(Moderator edit: Posts merged. Please use the edit button, rather than replying to your previous post where there are no other replies in between. If bumping the thread, please wait at least 24 hours for a reply.)

here's the combofix log.
 
WinPatrol loaded
Ad-Aware Loaded
Yahoo SearchProtection Loaded
AVG Anti-Spyware Loaded
SpywareGuard Loaded
Sygate Loaded
a-squared Scanner Loaded

With also
Your HP Printer
AVG Antivirus
DiscGui
MSN
And more

It's a wonder the computer runs !

I'd say go to Add/Remove programs and remove everything not needed anymore

AFTER that (and after a few reboots I suppose) download and run this:
http://www.mlin.net/StartupCPL.shtml
And disable as many things starting as possible (except Antivirus)
Note: these startup shortcuts, all start with Windows

Then at last post your hijackthis.log again
 
another hijack attachment

omg, i know i have a lot of programs on the start up and just in general. honestly, i don't even know what programs i actually even need. i'm terrified to remove any programs because i'm not sure what the majority of them are and if it's a program that the computer needs to properly function. any suggestions would be greatly appreciated. i made a few adjustments but know i could probably make more w/your help.
 
Fix these two inactive entries in HijackThis:

O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - (no file)
O3 - Toolbar: (no name) - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - (no file)

Apart from that, your logs are pretty much clean. Kimsland shall help you with the rest of the unnecessary program removal part.
 
Kimsland shall help you with the rest of the unnecessary program removal part
Are you saying that users should have all these programs running ?
Or are you saying that the programs themselves are unnecessary (ie they didn't help on this error)
 
OK

Valerie, have you purchased these other programs ?
If so then you could keep them (slowing your computer)
But if these programs are free, then you might think of going to Add/Remove programs in Control Panel and removing them (I would)

I'd also download Startup Control Panel (after the removal of all the other stuff above) http://www.mlin.net/StartupCPL.shtml

And disable any other unwanted startups

By the way I am not saying to remove your Antivirus program
Which should always be updated with real protection enabled
 
Another good way for managing startup programs without downloading additional software is through Spybot S&D. Go to Mode and select Advanced. Then expand Tools in the left pane, then double click System Startup and uncheck items that don't need to be started every time you turn on your computer.
 
thank you

I removed and cleaned up some of the start up programs. Also, I just realized that the infected files that the scan found were in restore.
 
Thanks Valerie, good point

You should stop System Restore and then start it again creating a new clean restore point.

How to stop System Restore

Go to Control Panel
Go to System
Click on System Restore
Tick the square to disable it
Click Apply
Click Yes

To re-enable (as long as all malware is gone)
Un-Tick the square
Apply
OK

All done
 
Hooray.

Mostly support here will ask for another log file. But actually I believe this is all clean.

Is it quicker now ?

Resolved
 
I am not an expert in fully diagnosing your log.
But I cannot see any issues in any file loading, except:
R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
Which is really not a concern.

If you would like to continue in checking/removing non-needed startups in your computer, please have a look at this link, which really covers everything.

You may receive other replies
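
The three entries singled out in the replies above (O2, O3 and R3) all end in "(no file)", meaning HijackThis found the registry entry but not the file it points to. As an added example (not part of the original thread), this Python function pulls such entries out of a log; the sample log reuses those three lines, and the ExampleHelper and ExampleApp lines are constructed placeholders.

```python
import re

# HijackThis lines that reference a CLSID have the shape:
#   <section> - <type>: <name> - {CLSID} - <file or "(no file)">
ENTRY_RE = re.compile(
    r"^(?P<section>[A-Z]\d{1,2}) - (?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$"
)

# Sample log: the R3, O2 (no file) and O3 lines are quoted from the thread;
# the ExampleHelper and ExampleApp lines are constructed for contrast.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
O2 - BHO: ExampleHelper - {00000000-0000-0000-0000-000000000000} - C:\Program Files\Example\helper.dll
O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - (no file)
O3 - Toolbar: (no name) - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - (no file)
O4 - HKLM\..\Run: [ExampleApp] C:\Program Files\Example\app.exe
"""


def orphaned_entries(log_text):
    """Return (section, type, CLSID) for every entry whose file is missing."""
    found = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        # Lines without a CLSID (such as O4 Run keys) do not match and are skipped.
        if m and m.group("target").strip() == "(no file)":
            found.append((m.group("section"), m.group("kind"), m.group("clsid")))
    return found


if __name__ == "__main__":
    for section, kind, clsid in orphaned_entries(SAMPLE_LOG):
        print(f"{section} {kind} {clsid}: registry entry left behind, file missing")
```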
 
JIT debugger

I received a message:

registered JIT debugger is not available. An attempt to launch a JIT debugger with the following command resulted in an error code of 0x2 (2). Please check computer settings.

cordby.eve !a 0x1700

what is this message and how can i correct it?
 
Just In Time debugger

And also you meant cordbg.exe (But that's ok, I knew it anyway :)

Usually this fault has to do with .NET Framework corruption.
It's a matter of uninstalling it, then re-installing it
Info Here: http://support.microsoft.com/?id=320112

One user reported that using System Restore, back to a time that all was ok, fixed the problem. But I would recommend doing the MS steps, just in case.
 
Help Please

I recently ran an online scan w/emsi, it said I had Worm.Win32.Netop.a and listed eight files that were infected. Is this a trojan or virus? How can I get rid of it. Any help would greatly be appreciated. Thanks!
 
help please

I recently ran an online scan w/emsi, it said I had Worm.Win32.Netop.a and listed eight files that were infected. Is this a trojan or virus? How can I get rid of it. Any help would greatly be appreciated. Thanks!

Also, when I ran the spybot & search, I received a pop up warning box, "there were problems in the include file C:\Program Files\Spybot-Search_Destroy\Includes\Trojans.sbi. See 'Include errors.log' for details." I just clicked the ok button. It appeared during the middle of the scan. Once the scan was complete, it said Congratulations, no immediate threats were found. I also ran the Panda Antirootkit. No problems!

I attempted to upload the combo txt however it said my file of 127.7 kb bytes exceeds the forum's limit of 100 kb for this file type. There were no results on the AVG Antispyware logs.


I posted a new thread as requested but haven't received any responses yet. Did I not post it correctly, here is a copy of what was posted.
 