 Computer seems to be infected with virus or malware causing pop-ups and browser issues, Not sure what this virus/malware is, or how to remove it. |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Forum Guidelines
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.
Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help DO NOT post a ComboFix log unless requested to. Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log. When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc. Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
  |
 Nov 17 2009, 06:15 PM
Post
#16
|
|
 WhatTheTech Teacher  Group: Malware Response Team Posts: 619 Joined: 15-June 07 From: UK Member No.: 136,795  |
Please delete your copy of ComboFix and download the latest version from here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe (it has been updated) Please double-click it to run it and post the log it provides. If you are still having IE problems after that, please try the following. Close all IE windows and wait for a few seconds. Click Start >> Run and paste the following into the Run Box: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff Then hit Enter. This will start IE in safe mode, with add-ons disabled. Let me know if you still have problems with that. -------------------- Trained at the What The Tech Classroom where you too could learn to help others.
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here   |
 |
 
|
|
Nov 20 2009, 07:08 PM
Post
#17
|
|
|
New Member Group: Members Posts: 14 Joined: 20-January 08 Member No.: 184,896 |
Hi,
I did everything you suggested, and disabling the add-on's did indeed solve the problem. Then I tried tolaunch IE normally, and test which add-on was causing the problem by disabling them one by one, and it looks like it tracked down the issue. It is caused by the following add-on (which I seem to have installed with Java when we started this hijackthis thread): "Java™ Plug-In 2 SSV Helper" jp2ssv.dll When I disable this add-on, the browser runs great. However I am not sure if this add-on is important, or what files it originates from. Please let me know the best way to resolve this problem. Also I have a question about Kaspersky anti-virus. My tiral period is running out, so if I uninstall it and instead install Avast which I had before, what will happen to the quarantined items, some of which may be viruses? I don't want to accidentally reactive the virus that we got rid of. Just in case, attached is the new ComboFix log.
Attached File(s)
|
|
|
|
|
Nov 21 2009, 04:30 AM
Post
#18
|
|
|
WhatTheTech Teacher Group: Malware Response Team Posts: 619 Joined: 15-June 07 From: UK Member No.: 136,795 |
Interesting, I'm not sure why that particular add-on may be causing problems. As you may have guessed, the add-on is a Java component, that will allow you to view Java Applets and other Java based material in web pages. Depending on how often you visit sites that use Java Applets would denote whether or not it is important to you. If you are unsure of how many sites use Java Applets, you could try browsing as normal for a while with it disabled and see if you notice any sites with missing content. You could also try re-installing Java, as I guess its possible that the Malware could have interfered with the installation.
Kaspersky should clear its quarantine when its is uninstalled, but you should also be able to open the program and clear it manually. Eiter way, the quarantined items won't become active again. Your ComboFix log now looks fine  Click Start >> Run, and then type ComboFix /u and hit enter. You can now delete any other tools I had you download and use, unless you wish to keep them. Now that your system appears to be clean, there's just a few steps I'd like you to take to prevent any future infections.
Glad we could be of assistance. Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved. Stay Clean! jpshortstuff -------------------- Trained at the What The Tech Classroom where you too could learn to help others.
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here |
|
|
|
|
Dec 6 2009, 09:40 PM
Post
#19
|
|
|
New Member Group: Members Posts: 14 Joined: 20-January 08 Member No.: 184,896 |
Hi again,
I just noticed that now my computer cannot see the cd/dvd disk drive. I have two drives - one for DVD, and one CD-RW. They do not show up under "My Computer", and inserted CD's do not automatically play. The drive does not show up in device manager as well. Please let me know how I can fix it. I tried everything I could think of, and the drives do not show up. Also I ran 'ComboFix /u' and got to Windows blue screen, and I still appear to have ComboFix installed. Please advise if I still need to remove it somehow. This post has been edited by maloy: Dec 6 2009, 10:51 PM |
|
|
|
|
Dec 7 2009, 06:00 PM
Post
#20
|
|
|
WhatTheTech Teacher Group: Malware Response Team Posts: 619 Joined: 15-June 07 From: UK Member No.: 136,795 |
Hi,
Please see if you have this folder still: C:\QooBox If so, please click Start >> Run, then copy/paste this command into the Run box, and hit Enter: copy "c:\QooBox\Quarantine\c\windows\system32\drivers\pciide.sys.vir" "c:\windows\system32\drivers\pciide.sys" Then reboot your computer and let me know if that is any better. If not, let me know, we'll find another way. -------------------- Trained at the What The Tech Classroom where you too could learn to help others.
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 20th March 2010 - 05:19 AM |
© 2003-2010 All Rights Reserved Bleeping Computer LLC.