Windows Problem - Possibly Malware


3 replies to this topic

#1 BlueEyedFox


Posted 28 May 2008 - 05:07 PM

I have strange problems. It's hard to explain. I will be using my computer fine and then I will be unable to right-click, and when I try to open Task Manager I get the error sound. This happens to applications at random. It's happened to Internet Explorer, AOL, Ventrilo.

So basically, Ventrilo will be open and I won't be able to right-click or open Task Manager unless I close it. But this is not specific programs, it's programs at random. AOL is the worst: I get that "An AOL error has occurred blah blah close and restart" message where it's like impossible to stop and you can't close AOL, which happens every now and then, but this is frequent. When this happens I have to restart my computer manually.

What could this be?

Corrupted Windows Files?

What should I do?

I am pretty sure it's not malware because malware does not act like this. I run Comodo Firewall Pro with Avira AntiVir and SUPER Anti Spyware so I think it would be safe. I will run a full system scan just to be sure, I guess.

Update:
Comodo Built in Malware Scanner- Nothing
SUPER Anti Spyware- Some tracking cookies
MalwareBytes- Detecting the uninstallation file of a multiplayer mod of San Andreas as Trojan.Vundo. False positive? Help. Link
Avira AntiVir- Detected Trojan Zlob in System Volume Restore and quarantined it


Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{9A6068A2-0202-455A-9D9A-B06F9C9E4608}\RP24\A0004039.exe


#2 ruby1


Posted 28 May 2008 - 05:15 PM

By utilising Google one notices you have utilized ImageShack to upload your image? There is a discussion ON the 'reliability' OF ImageShack to be clear of nasties here: http://www.bleepingcomputer.com/forums/ind...c=61625&hl=

Can you fully update the SUPERAntiSpyware and Malwarebytes programs, run full deep scans with each, and post their reports?

#3 BlueEyedFox


Posted 28 May 2008 - 05:23 PM

Updated MalwareBytes (Outdated from 10th of May) and SUPER anti spyware was already updated so I am re-running it.

Edit:

Malwarebytes- 0. Perhaps it was a false positive and they corrected it, since I scanned before without updating.

Malwarebytes' Anti-Malware 1.12
Database version: 795

Scan type: Full Scan (C:\|)
Objects scanned: 153401
Time elapsed: 1 hour(s), 8 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


SUPER Anti Spyware- Detected a casino I use as AdAware, but that is a false positive because it is trusted, and a few cookies.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/28/2008 at 07:06 PM

Application Version : 4.1.1046

Core Rules Database Version : 3469
Trace Rules Database Version: 1460

Scan type : Complete Scan
Total Scan Time : 00:51:25

Memory items scanned : 459
Memory threats detected : 0
Registry items scanned : 4203
Registry threats detected : 0
File items scanned : 22037
File threats detected : 20

Adware.Tracking Cookie
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@statse.webtrendslive[2].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@doubleclick[2].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@tribalfusion[1].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@2o7[1].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@partner2profit[1].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@bs.serving-sys[1].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@atdmt[2].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@ads.bleepingcomputer[2].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@serving-sys[2].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@statcounter[1].txt
C:\Documents and Settings\BlueEyedfox\Cookies\blueeyedfox@ad.yieldmanager[1].txt

Adware.Casino Games (Golden Palace Casino)
C:\PROGRAM FILES\CASINOONNET\BIN\CASINO.EXE
C:\DOCUMENTS AND SETTINGS\JOHN\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\CASINO-ON-NET.LNK
C:\DOCUMENTS AND SETTINGS\JOHN\DESKTOP\CASINO-ON-NET.LNK
C:\PROGRAM FILES\SLOTS PLUS CASINO\CASINO.EXE
C:\DOCUMENTS AND SETTINGS\BLUEEYEDFOX\DESKTOP\SLOTS PLUS CASINO.LNK
C:\DOCUMENTS AND SETTINGS\BLUEEYEDFOX\START MENU\CASINO-ON-NET.LNK
C:\DOCUMENTS AND SETTINGS\BLUEEYEDFOX\START MENU\PROGRAMS\CASINO-ON-NET\CASINO-ON-NET.LNK
C:\DOCUMENTS AND SETTINGS\BLUEEYEDFOX\START MENU\PROGRAMS\GAMES\CASINO-ON-NET.LNK
C:\DOCUMENTS AND SETTINGS\BLUEEYEDFOX\START MENU\PROGRAMS\SLOTS PLUS CASINO\SLOTS PLUS CASINO.LNK

Edited by BlueEyedFox, 28 May 2008 - 06:28 PM.


#4 ruby1


Posted 29 May 2008 - 12:54 PM

Take a system restore point NOW.

Then I suggest you empty your temp internet files folder; update Malwarebytes and SUPERAntiSpyware; reboot the computer; run both again on full deep computer scans.

Get Malwarebytes to delete all it finds; you will need to reboot after that scan for the program to complete its work.

Then run SUPERAntiSpyware and get it to first quarantine all IT finds; then post ITS report as well as the Malwarebytes one.

Hopefully stating the obvious, BUT do run each scan separately!!



