Results 1 to 30 of 30

Thread: Big time virus/malware

  1. #1
    Canned Kal El's Avatar
    Join Date
    Sep 2008
    Location
    Wonderland
    Posts
    2,936
    Credits
    352
    Mentioned
    0 Post(s)

    Default Big time virus/malware

    I've gotten a computer virus or malware that basically blocks me from accessing any type of security software's website to get updates for my software to remove the damn thing and I basically can't think of any way to root the shit out of my laptop.

    Any suggestions?
    Last edited by Kal El; 11-30-2008 at 01:05 AM.

  2. #2
    God That Smelled Good linkinkampf19's Avatar
    Join Date
    Sep 2008
    Location
    Pennsylvania
    Posts
    315
    Credits
    315
    Mentioned
    0 Post(s)

    Default

    F8 before the Windows boot screen pops up. Saved my ass many a time, for sure.

  3. #3
    Canned Kal El's Avatar
    Join Date
    Sep 2008
    Location
    Wonderland
    Posts
    2,936
    Credits
    352
    Mentioned
    0 Post(s)

    Default

    Thanks

    Now to just solve the malware/virus dilemna

  4. #4
    God That Smelled Good linkinkampf19's Avatar
    Join Date
    Sep 2008
    Location
    Pennsylvania
    Posts
    315
    Credits
    315
    Mentioned
    0 Post(s)

    Default

    Which malware do you speak of? It may have a particular solution. Otherwise, blast it with whatever AV you have (AVG or Avast preferable), Spybot S&D, HiJackThis!, and maybe as a last resort, ComboFix. Once hopefully cleansed, patch it up with a dose of SpywareBlaster. That should keep you good to go if you intend to stay free.

  5. #5
    Canned Kal El's Avatar
    Join Date
    Sep 2008
    Location
    Wonderland
    Posts
    2,936
    Credits
    352
    Mentioned
    0 Post(s)

    Default

    I have the same problem as this guy has/had:

    https://www.bullguard.com/forum/10/-...-to_66294.html

    The only problem is I tried following what the forum mod suggested and I can't do what he said to do.

  6. #6
    God That Smelled Good linkinkampf19's Avatar
    Join Date
    Sep 2008
    Location
    Pennsylvania
    Posts
    315
    Credits
    315
    Mentioned
    0 Post(s)

    Default

    Is it that you cannot download ComboFix, or can you and not run it? If it's that you cannot download it, best thing I can suggest is get it downloaded onto a flash drive from another computer and try it from there. Best of luck. I gotta sleep, so if you need help, I'll be around tomorrow.

  7. #7
    Canned Kal El's Avatar
    Join Date
    Sep 2008
    Location
    Wonderland
    Posts
    2,936
    Credits
    352
    Mentioned
    0 Post(s)

    Default

    I've only got access to the one computer until my roomate decides to come home when he decides to get home from his weekend romp.

    I can't download it. I get a message saying windows blocked it because it tries accessing some stupid file.
    Last edited by Kal El; 11-30-2008 at 02:36 AM.

  8. #8
    Senior Member lolturnip's Avatar
    Join Date
    Sep 2008
    Location
    England
    Posts
    83
    Credits
    315
    Mentioned
    0 Post(s)

    Default

    Do what I said here

    http://www.casualdiscourse.com/forum...18&postcount=2

    Unless you have a nasty infection, everything should be cleared up if you do the above. It is also worth installing a program called "Hijackthis" and pasting the results into this websites (http://www.hijackthis.de/) online analyser. Just becareful of what you remove.

  9. #9
    God That Smelled Good linkinkampf19's Avatar
    Join Date
    Sep 2008
    Location
    Pennsylvania
    Posts
    315
    Credits
    315
    Mentioned
    0 Post(s)

    Default

    It sounds like he has something which is not allowing him to do anything until he gets both ComboFix and HiJackthis! running in safe mode. Is safe mode itself being blocked?

    I hate to mention such a drastic step, but you might want to try and backup your most crucial files and reformat the affected drive.

    I had something similar happen not too long ago (it did not need a reformat), bu it was quite odd in how it unfolded. I left my computer on while going to watch Heroes, no torrents or files downloading, no connections open except for Firefox, and within the hour, something had rebooted and infected my computer. Logged back on, thinking it was just my screensaver that triggered the login screen, and I was treated to "buy Antivirus 2009 now!" shit. Most webpages were blocked, Avast wouldn't start, but somehow, I got Combofix (from another computer I think), and cleared everything up. Killed my whole night, but otherwise a clean system.

    Maybe this is similar to what you have?

  10. #10
    Canned Kal El's Avatar
    Join Date
    Sep 2008
    Location
    Wonderland
    Posts
    2,936
    Credits
    352
    Mentioned
    0 Post(s)

    Default

    Yes its similar to what I have. I'll just have to wait a day to be able to get combofix from another computer and save it in a flash drive to put in my laptop.

  11. #11
    Senior Member
    Join Date
    Sep 2008
    Posts
    25
    Credits
    1,218
    Mentioned
    0 Post(s)

    Default

    See if you can download Super Anti Spyware. It is free and can be found here.

    It sounds like a lame program, but it finds and fixes things that Spybot, Adaware, AVG, and CCleaner don't fix. It is honestly the best program that I have used for deleting nasty files. If you can't access the website, PM me and I'll rapidshare the executable for you.

    Also, make sure to boot up in safe mode when you run the scan, as it will be able to scan more files that way.

  12. #12
    Pill popping nihilist Cryptic's Avatar
    Join Date
    Sep 2008
    Posts
    641
    Credits
    317
    Mentioned
    0 Post(s)

    Default

    I agree about Super Anti Spyware. It does indeed kick ass. I had a Smitfraud infection last summer. Easy fix, right, because there's a program specially written to clean it. Except yeah it didn't work. Super Anti Spyware was the ONLY thing that did, and I tried a butt ton.

  13. #13
    Canned Kal El's Avatar
    Join Date
    Sep 2008
    Location
    Wonderland
    Posts
    2,936
    Credits
    352
    Mentioned
    0 Post(s)

    Default

    Can somebody also be nice enough to download and upload Hijackthis to rapidshare?

  14. #14
    God That Smelled Good linkinkampf19's Avatar
    Join Date
    Sep 2008
    Location
    Pennsylvania
    Posts
    315
    Credits
    315
    Mentioned
    0 Post(s)

    Default

    http://rapidshare.com/files/16895254...stall.exe.html

    There you go. Freshly downloaded from download.com.

    Good luck.

  15. #15
    Canned Kal El's Avatar
    Join Date
    Sep 2008
    Location
    Wonderland
    Posts
    2,936
    Credits
    352
    Mentioned
    0 Post(s)

    Default

    Thanks linkin

  16. #16
    Canned Kal El's Avatar
    Join Date
    Sep 2008
    Location
    Wonderland
    Posts
    2,936
    Credits
    352
    Mentioned
    0 Post(s)

    Default

    Here's the log from my scan, anybody see anything that could be causing my problem? I've ran like 5 or 6 virus scans and still have the same problem. The spyware and anti-virus scans did pick shit up, but that was gon since the first scans.

    log
    Last edited by Kal El; 11-30-2008 at 06:56 PM.

  17. #17
    God That Smelled Good linkinkampf19's Avatar
    Join Date
    Sep 2008
    Location
    Pennsylvania
    Posts
    315
    Credits
    315
    Mentioned
    0 Post(s)

    Default

    Delete all the [no file] and [file missing] entries, and read what I have next to the other entries in bold... I know it's not much help, but it's something.

    Quote Originally Posted by Kal El View Post
    Here's the log from my scan, anybody see anything that could be causing my problem? I've ran like 5 or 6 virus scans and still have the same problem. The spyware and anti-virus scans did pick shit up, but that was gone since the first scans.

    log
    I would still suggest Combofix if you can get it. I can Rapidshare that to you too if you'd like.
    Last edited by linkinkampf19; 11-30-2008 at 07:41 PM.

  18. #18
    Canned Kal El's Avatar
    Join Date
    Sep 2008
    Location
    Wonderland
    Posts
    2,936
    Credits
    352
    Mentioned
    0 Post(s)

    Default

    Please do rapidshare it for me, It's probably the only way I'll get rid of this shit.

  19. #19
    God That Smelled Good linkinkampf19's Avatar
    Join Date
    Sep 2008
    Location
    Pennsylvania
    Posts
    315
    Credits
    315
    Mentioned
    0 Post(s)

    Default

    Freshly downloaded from bleepingcomputer.com

    http://rapidshare.com/files/169035034/ComboFix.exe.html

    Yet again, good luck.

  20. #20
    Canned Kal El's Avatar
    Join Date
    Sep 2008
    Location
    Wonderland
    Posts
    2,936
    Credits
    352
    Mentioned
    0 Post(s)

    Default

    In the meantime, a new log:


  21. #21
    God That Smelled Good linkinkampf19's Avatar
    Join Date
    Sep 2008
    Location
    Pennsylvania
    Posts
    315
    Credits
    315
    Mentioned
    0 Post(s)

    Default

    Here's the tutorial if you need it. I tossed it into anonym.to for hope that the infection won't block it.

    Anonym zu www.bleepingcomputer.com/combofix/how-to-use-combofix

  22. #22
    Canned Kal El's Avatar
    Join Date
    Sep 2008
    Location
    Wonderland
    Posts
    2,936
    Credits
    352
    Mentioned
    0 Post(s)

    Default

    combofix log


    thanks linkin, you've been a big help. you saved me from a lot of hassle.

  23. #23
    God That Smelled Good linkinkampf19's Avatar
    Join Date
    Sep 2008
    Location
    Pennsylvania
    Posts
    315
    Credits
    315
    Mentioned
    0 Post(s)

    Default

    Hey, just trying to regain my status here as a semi-reasonable computer nerd. That, and I had his almost exactly happen to me, so I'm always glad to help out someone who is also affected by this pest.

    Certainly, it helps that I'm bored as fuck too. :P

  24. #24
    Canned Kal El's Avatar
    Join Date
    Sep 2008
    Location
    Wonderland
    Posts
    2,936
    Credits
    352
    Mentioned
    0 Post(s)

    Default

    so, everything is working great. i finally got to update my anti-virus software and now i've got it set to update every day and scan every day.

  25. #25
    Pill popping nihilist Cryptic's Avatar
    Join Date
    Sep 2008
    Posts
    641
    Credits
    317
    Mentioned
    0 Post(s)

    Default

    I'd still suggest Super Anti Spyware. Anti-virus programs don't catch all malware, no matter how good they are.

  26. #26
    Canned Kal El's Avatar
    Join Date
    Sep 2008
    Location
    Wonderland
    Posts
    2,936
    Credits
    352
    Mentioned
    0 Post(s)

    Default

    Quote Originally Posted by Cryptic View Post
    I'd still suggest Super Anti Spyware. Anti-virus programs don't catch all malware, no matter how good they are.
    I have it set also, the virus just blocked me from running it. It was a retarded and foul virus.

  27. #27
    Senior Member lolturnip's Avatar
    Join Date
    Sep 2008
    Location
    England
    Posts
    83
    Credits
    315
    Mentioned
    0 Post(s)

    Default

    Quote Originally Posted by Kal El View Post
    Here's the log from my scan, anybody see anything that could be causing my problem? I've ran like 5 or 6 virus scans and still have the same problem. The spyware and anti-virus scans did pick shit up, but that was gon since the first s

    HijackThis v2.0.2


    O20 - Winlogon Notify: winbjv32 - C:\WINDOWS\SYSTEM32\winbjv32.dll
    O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - (no file)
    O22 - SharedTaskScheduler: g322 - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00322} - (no file)
    O22 - SharedTaskScheduler: {03413bf7-e34c-445b-bfc0-a2b127255871} - incestuously - (no file)
    Remove asap

    You appear to be infected with "A variant of the Trojan.Win32.Agent.qt Trojan."
    Last edited by lolturnip; 12-01-2008 at 02:33 AM.

  28. #28
    Senior Member ShitFace's Avatar
    Join Date
    Sep 2008
    Posts
    5,025
    Credits
    3,586
    Mentioned
    0 Post(s)

    Default

    Quote Originally Posted by lolturnip View Post
    Remove asap

    You appear to be infected with "A variant of the Trojan.Win32.Agent.qt Trojan."
    How did you work that out from the log, out of interest?

  29. #29
    Senior Member lolturnip's Avatar
    Join Date
    Sep 2008
    Location
    England
    Posts
    83
    Credits
    315
    Mentioned
    0 Post(s)

    Default

    Quote Originally Posted by ShitFace View Post
    How did you work that out from the log, out of interest?
    I pasted the Hijackthis log into the analyser site I posted above, then googled "winbjv32.dll" and several sites said it was "a variant of the Trojan.Win32.Agent.qt Trojan."

    Kal El, have you fixed this problem yet?

  30. #30
    Canned Kal El's Avatar
    Join Date
    Sep 2008
    Location
    Wonderland
    Posts
    2,936
    Credits
    352
    Mentioned
    0 Post(s)

    Default

    Yes I have, thanks everybody for the help. I meant to post sooner that I fixed it but I got distracted with work.

    That trojan was a pain in the ass to root out.
    Quote Originally Posted by KT_ View Post
    Yes.

    Yesterday I was playing the Mirror's Edge demo while a dude was eating me out. Mirror's Edge is fucking awesome. I'm excited.
    Quote Originally Posted by victrola View Post
    he may be a faggot but in this case he is correct

Similar Threads

  1. It's about time!
    By Harner in forum The Carport
    Replies: 61
    Last Post: 02-15-2009, 09:42 AM
  2. Virus? or Spyware?
    By invision in forum Technology Today
    Replies: 1
    Last Post: 11-23-2008, 10:45 AM
  3. Anti-virus software
    By Who in forum Technology Today
    Replies: 8
    Last Post: 09-22-2008, 01:15 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •