Virus problem.

Status
Not open for further replies.

tarheels05

Ok, I built a new computer last week. Everything was great until a couple of days ago. I have two problems. I have Trend Micro 2007. It keeps telling me it has found something called RAP GENERIC. It's a virus, I think, and it allows remote access. Trend Micro can't remove it and it brings me to their website, which tells me to.... (click link)

http://www.trendmicro.com/vinfo/grayware/ve_graywareDetails.asp?GNAME=RAP_GENERIC&VSect=Sn

do that.

I don't know how to use those spyware patterns when I scan, so I am not sure how to get rid of RAP GENERIC.

Second problem: when I start up Windows I log on, then Windows sits at my desktop background for 2 minutes. Then everything loads normally. It's weird.

Any help would be greatly appreciated, thank you everyone.
 
Hello and welcome to Techspot.

Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

If after reading the above, you wish to clean your system, do the following.

Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

Also, let me know the results of the AVG Antirootkit scan.

Regards Howard :wave: :wave:

This thread is for the use of tarheels05 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
AVG Antirootkit scan came up with nothing. Again, this is a brand new computer I just built. I did have a problem with one scan; you will see below in one of the txt documents. I keep getting the message from Trend Micro telling me to go here and I am confused what to do there.

(http://www.trendmicro.com/vinfo/gray...NERIC&VSect=Sn)

I also still have the problem with the paused startup. I did find things when I scanned but they all seem to be minor annoyances that I dealt with. I appreciate anyone that helps.........

this is just annoying.....
 
Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to it (if there).

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories (if there).

C:\windows\ALCMTR.EXE

Other than the above, your logfiles are clean.

You didn`t post an AVG Antispyware log, please do so in your next reply.

Also, can you please give details of the files found by your trend micro 2007. I need to see the full filepath and file name/s.

Regards Howard :)

 
Ok, here are the latest scans from the AVG Antispyware log and Trend Micro. (attachments)


O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
is part of Realtek audio on my system but I deleted it anyway......


On the Trend Micro scan you should be able to see RAP GENERIC. (the one it can't delete)

I am still not sure what is causing the "delayed" system startup... anyways here ya go... ty for helping....
 
Delete all files in Trend quarantine.

Go to add remove programmes in your control panel and uninstall anything to do with (if there).

Morpheus

Close control panel.

1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.

2. Download the attached avengerscript.txt and save it to your desktop

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, start The Avenger program by double clicking on its icon on your desktop.

Under "Script file to execute" choose "Load script from file".
Now click on the folder icon which will open a new window titled "open Script File"
navigate to the file you have just downloaded, click on it and press open
Now click on the Green Light to begin execution of the script
Answer "Yes" twice when prompted.

4. The Avenger will automatically do the following:

It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop, this is normal.
After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

5. Please attach the content of c:\avenger.txt into your reply, as well as a fresh Trend log.

Regards Howard :)

 

Attachment: avengerscript.txt (121 bytes)

Ok, when I saw it was Morpheus, I just uninstalled and deleted the folder. So when I ran Avenger it didn't find it because I manually deleted it.

I also attached the Trend Micro scan below. It isn't coming up anymore.... so hopefully that means it's all right.

I restarted twice now and my computer has not "delayed", hopefully it won't do it any more..... Think that could have been virus or spyware related?
 
Your logs look fine now.

Morpheus is nasty and should be avoided like the plague.

Turn off system restore (XP/ME only). See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

 
Ok yea everything is fine now, but when I load (boot) Windows I still get a 1 to 3 minute delay, then everything loads fine.. Not sure what's up, I know it's not spyware or virus now. I barely have any programs on the computer besides a couple games ... It's more of an annoyance than anything. Just seeing if you all knew anything that would fix it.
 
My computer was doing that a few months ago. A reformat and reinstall solved it for a while, then it started doing it again. It turned out to be a hard drive problem, which was fixed with me buying a new drive. I`m not saying this is your problem, but it might be. I`d try a reformat and see how it goes.

Regards Howard :)

 
A reformat would wipe all my programs, wouldn't it...... and Windows..... and if not, where do I go, under start menu, correct?
 
Yes, a reformat would wipe all your stuff. But it is possibly the best way to sort out the slow startup problem.

If you like, you can post a fresh HJT log, I`ll take a look and see if I can see anything untoward.

Regards Howard :)

 
OK, here's a log. It's just, man, I put this computer together 6 days ago, so maybe it's the hard drive.... sadly, but the logs below.....

I searched the net and found one person saying a program might connect to the internet to look for an update every boot, and something with user accounts and copying everything to a new user account, who knows.....
 
Definitely nothing nasty there.

Try the following.

Click start/run and type msconfig into the run box and press the enter key. Click the startup tab and untick all items, click apply ok and reboot your computer. See if your bootup time is any quicker.

Regards Howard :)

 
Wow, now that`s weird. I have no idea what would cause that, other than possibly some OS corruption.

Maybe try a Windows repair as per this thread HERE.

Regards Howard :)

 
Hey, I ran hard drive diagnostics and nothing bad came up....

I just remembered that my first option to boot is off the CD, then hard drive. Now that Windows is installed, should I go to BIOS and change it to hard drive? (I'm thinking no though)


Should I repair or no, and if I do, will that delete a lot of information?
 
There`s no need to change the boot order in bios, as it`s already set correctly.

Doing a Windows repair will leave all your data intact. However, as with any major undertaking, I advise you backup your important data first.

The only thing that a repair will delete is any windows updates that you`ve done since Windows was installed. It will return the OS to the version that is on the Windows cd and you will have to run Windows updates again once the repair has finished.

Regards Howard :)

 