Author Topic: Infected with virus? Something else wrong?  (Read 9276 times)

0 Members and 1 Guest are viewing this topic.

tjn8080

  • Guest
Infected with virus? Something else wrong?
« on: October 30, 2009, 02:08:29 PM »
Hello.  First post.

Here is my issue: my computer will load one application after a restart, and then will not be able to load further applications. I have performed several scans (Spybot, AVG, Avast), but nothing is detected. RAM should not be a problem. Can anyone offer suggestions on uncovering the issue?

Thanks in advance.

cinchez

  • Guest
Re: Infected with virus? Something else wrong?
« Reply #1 on: October 30, 2009, 02:13:08 PM »
Try Malwarebytes

-AnimeLover^^

Offline .: L' arc :.

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1780
  • Thinking with Portals
Re: Infected with virus? Something else wrong?
« Reply #2 on: October 30, 2009, 02:14:46 PM »
Hi tjn8080 and welcome to the forums,

 May I ask what the only application that will start is?

 Moreover, please refrain from using 2 antiviruses (avast! and AVG). Please consider uninstalling one completely to prevent any further conflicts.

Step 1: Windows Disk Cleanup Utility ============

1   Press Windows Key + R
2   Type in: cleanmgr
3   Put a check beside: Temporary Internet Files and Temporary Files. Optionally, you may check other options too
4   Click OK

Step 2: avast! Boot Time Scan ============

1   Double click avast! antivirus desktop icon and wait for memory test to complete
2   avast GUI will appear. Right click anywhere on avast!'s window and select Schedule Boot Time Scan...
3   Click Advanced options and select Move infected file to Chest on the first dropdown list and leave the other one as it was. Click Schedule
4   You will be asked for a system restart. Click Yes to do it now or No to let avast wait for you to manually restart your PC
        NOTE: Optionally, you may enable scanning of archive files. If it is enabled, scanning would be more thorough but would take more time

Step 3: Malwarebytes Antimalware (MBAM) ============

1   Download Malwarebyes' Antimalware here
2   Proceed to installing MBAM after downloading
3   On the last dialog box, do not forget to leave Update Malwarebytes' Antimalware and Run Malwarebytes' Antimalware checked
4   Malwabytes' Antimalware GUI would appear, from there select Perform Quick Scan and click Scan
5   When scan is completed, click Show Results
6   Click Remove Selected and then, a notepad file will appear.
7   On the notepad window, click File > Save As and save it on your desktop. You may now close MBAM.

Step 4: Hijack This (HJT) ============

1   Download Trend Micro Hijack This here
2   Install HJT in C:\Program Files\Trend Micro\HijackThis (the location is already displayed by default). Click Install
3   HJT Window will appear. Click Do a system scan and save a logfile. A notepad file will pop-up once the scan is completed
5   Click on the Notepad window and click File > Save As and save the file on your desktop
6   Go back here on your topic and start a reply. On the Reply window, click Additional Options
7   Attach the two .txt files that we created and saved on your desktop (click more attachments to have more slots for attaching files)
        NOTE: Do not have HJT fix anything yet.
Windows 7 (64-bit) Home Premium SP1
avast! 9 RC1

tjn8080

  • Guest
Re: Infected with virus? Something else wrong?
« Reply #3 on: October 30, 2009, 04:48:00 PM »
Mbam and HJT logs attached.  Thanks for looking.

YoKenny

  • Guest
Re: Infected with virus? Something else wrong?
« Reply #4 on: October 30, 2009, 06:49:42 PM »
There is nothing bad showing up but Adobe Acrobat 7.0 is way down level and vulnerable to attack as Adobe Reader 9.2 is available:
http://get.adobe.com/reader <== un-select Free Google Toolbar

Go to Add/Remove programs and un-install Adobe.

What is the system specifications as to CPU type and speed and how much RAM doe the system have?

tjn8080

  • Guest
Re: Infected with virus? Something else wrong?
« Reply #5 on: October 30, 2009, 07:35:31 PM »
There is nothing bad showing up but Adobe Acrobat 7.0 is way down level and vulnerable to attack as Adobe Reader 9.2 is available:
http://get.adobe.com/reader <== un-select Free Google Toolbar

Go to Add/Remove programs and un-install Adobe.

What is the system specifications as to CPU type and speed and how much RAM doe the system have?

Removed Adobe 7.0.

My system is a Pentium 4, 3.0 Ghz with 2MB RAM

YoKenny

  • Guest
Re: Infected with virus? Something else wrong?
« Reply #6 on: October 30, 2009, 07:47:53 PM »
Did you use the un-install application for AVG before instaling avast! AVG Remover(32bit) (avgremover.exe)?
http://www.avg.com/us-en/download-tools

tjn8080

  • Guest
Re: Infected with virus? Something else wrong?
« Reply #7 on: October 30, 2009, 08:29:32 PM »
Yes, AVG was uninstalled previously.

Jtaylor83

  • Guest
Re: Infected with virus? Something else wrong?
« Reply #8 on: October 30, 2009, 09:42:29 PM »
There's are two alternative PDF viewers you can try:

Foxit Reader (Do not install Ask Toolbar)

PDF-XChange Viewer

tjn8080

  • Guest
Re: Infected with virus? Something else wrong?
« Reply #9 on: October 30, 2009, 11:14:53 PM »
There's are two alternative PDF viewers you can try:

Foxit Reader (Do not install Ask Toolbar)

PDF-XChange Viewer

I actually installed Adobe 9.2 after deleting Adobe 7.0.

tjn8080

  • Guest
Re: Infected with virus? Something else wrong?
« Reply #10 on: November 03, 2009, 01:51:24 AM »
Anyone else offer any advice?

CharleyO

  • Guest
Re: Infected with virus? Something else wrong?
« Reply #11 on: November 03, 2009, 03:12:43 AM »
***

The MBAM log shows that 10 infected files were quarantined and deleted successfully.

Run HJT again and provide a new log for it, please.


***

tjn8080

  • Guest
Re: Infected with virus? Something else wrong?
« Reply #12 on: November 03, 2009, 03:57:19 AM »
Thanks for the reply, CharleyO.  New HJT log attached.

CharleyO

  • Guest
Re: Infected with virus? Something else wrong?
« Reply #13 on: November 03, 2009, 06:00:27 AM »
***

An analysis of your latest HJT log shows only a few small problems :

We couldn't detect any active process of a firewall on your system. Possible reasons:
(1.) You are using the windows firewall or a hardware firewall.
(2.) You are using a firewall of an unknown vendor.
(3.) You are using a firewall, but for unknown reasons it is disabled
(4.) You don't use any firewall at all.
We recommend you to use a firewall. Download and install one or activate windows xp´s firewall.
A 2-way firewall would be better than XP's inbound only firewall.

MSIE: Internet Explorer v7.00 (7.00.6000.16915)
You should consider upgrading to IE8 since it is more secure than IE7.

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
Unnecessary (deactivated) entry that can be fixed - Yahoo Companion

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
Unnecessary (deactivated) entry that can be fixed - AVG "Anti-Exploit" Toolbar

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
Unnecessary (deactivated) entry that can be fixed - AVG "Anti-Exploit" Toolbar

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
If you are not using McAfee products, the above entries should be fixed.

All of the above can be fixed using HJT by clicking the box to the left of the above entries and then clicking the Fix checked button.

I can not see as any of the above would be causing your problems unless the McAfee and/or AVG entries are giving some interference somehow but that is doubtful to me from the description of your problem.

Are you still having problems?


***
« Last Edit: November 03, 2009, 06:04:43 AM by CharleyO »

tjn8080

  • Guest
Re: Infected with virus? Something else wrong?
« Reply #14 on: November 03, 2009, 02:40:24 PM »
CO - Thanks for the response and insight.  Fixed the HJT issues that you pointed out.  I will follow up with a report of my current pc health after I spend some time with it.

Again, thanks for your time in helping to get me fixed.