Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus System Pro [Moved]


  • Please log in to reply
4 replies to this topic

#1 mrmus

mrmus

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:04:47 AM

Posted 08 July 2009 - 10:50 PM

This morning, my daughter informs me that her pc has a virus. I have worked on it all day...or at least tried to. Here are the symptoms:

1. Every three minutes or so, an alert window pops up from Antivirus System Pro that I have a virus and can only get rid of it by downloading ASPro.

2. Every five minutes or so, I get a larger pop up in the middle of the screen that states the same type of message.

3. Every six minutes or so, IE opens up automatically to one of three sites...porn, viagra or more porn.

5. Computer is very slow because of this processing stuff.

6. AVG anti virus comes up showing a virus, but can't send it to the virus vault because it says that the VV is full.

I came on this site and downloaded Malwarebytes' Anti Malware and when I try to run it I get two error messages:
1. vb accellerator SGrid ll Control: run-time error '0'. I close this window to get:
2. Malwarebytes' Antimalware:Run-time error '440' Automation Error

I did finally get a dds file run and it is on the infected pc. I will put it in the next message in the morning. But for now, Please help me get this going.

Thank you in advance!

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,962 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:04:47 AM

Posted 09 July 2009 - 12:28 AM

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.

==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 mrmus

mrmus
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:04:47 AM

Posted 09 July 2009 - 09:30 AM

OK..here is the dds log:


==== Installed Programs ======================


2Wire Wireless Client
Ad-Aware SE Personal
Adobe Flash Player ActiveX
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 6.0.1
Agere Systems PCI Soft Modem
Apple Mobile Device Support
Apple Software Update
AVG 8.5
Blackhawk Striker from Compaq (remove only)
Blasterball 2 from Compaq (remove only)
Bounce Symphony from Compaq (remove only)
BroadJump Client Foundation
Carmen Sandiego Word Detective v1.0.1
CCleaner (remove only)
Compaq Connections
Compaq Instant Support
Compaq Organize
Crystal Maze from Compaq (remove only)
DIG Game Manager
Download Updater (AOL LLC)
Five Card Frenzy from Compaq (remove only)
Haunted Mansion
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB952287)
HP Deskjet 3740
HpSdpAppCoreApp
ICRAplus
Incredibles - Escape from Nomanisan Island
Intel® Extreme Graphics Driver
IntelliMover Data Transfer Demo
iTunes
Jarte
Java 2 Runtime Environment, SE v1.4.2_03
Java™ 6 Update 10
KBD
Lexmark 640 Series
Little Mermaid Print Studio
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Plus! Digital Media Edition
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 7.0
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Orbital from Compaq (remove only)
Otto from Compaq (remove only)
Overball from Compaq (remove only)
Panda ActiveScan 2.0
PC-Doctor for Windows
Polar Bowler from Compaq (remove only)
Princess Magical Dress-Up
PS2
Python 2.2 combined Win32 extensions
Python 2.2.1
Quicken 2004
QuickTime
RDFLabel
RealOne Player
Rugrats Totally Angelica Boredom Buster
Secret Agent™ Barbie™
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Slyder from Compaq (remove only)
SpongeBob SquarePants - Nighty Nightmare
Tradewinds from Compaq (remove only)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Viewpoint Media Player
Visual IP InSight(SBC)
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows XP Service Pack 3
Word Symphony from Compaq (remove only)
Yahoo! Toolbar
ZyDAS IEEE 802.11 b+g Wireless LAN - USB

==== End Of File ===========================


I was also able to download an avanti virus scanner and got these results:

7/8/2009, 12:07:13 PM
Memory scanning started...
No virus body found in memory.
Memory scanning finished (69.8s).
----------
Files scanning started...
C:\Documents and Settings\Owner\ntuser.dat.LOG... file could not be scanned!
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\9762J65H\installb[1].exe... file could not be scanned!
C:\Documents and Settings\Owner\My Documents\My Pictures\Pretty,pretty pictures\....................O.o.jpg... file could not be scanned!
C:\Documents and Settings\Owner\My Documents\My Pictures\Pretty,pretty pictures\...........utena.bmp... file could not be scanned!
C:\Documents and Settings\Owner\My Documents\My Pictures\Pretty,pretty pictures\.....speechlessness.......jpg... file could not be scanned!
C:\Documents and Settings\Owner\My Documents\My Pictures\Pretty,pretty pictures\....Okay, L O freakin L.jpg... file could not be scanned!
C:\Documents and Settings\Owner\My Documents\My Pictures\Pretty,pretty pictures\....W...T...F.... O.o.jpg... file could not be scanned!
C:\Documents and Settings\Owner\My Documents\My Pictures\Pretty,pretty pictures\...W...T...F....jpg... file could not be scanned!
C:\Documents and Settings\Owner\My Documents\My Pictures\Pretty,pretty pictures\...WTF O_o.jpg... file could not be scanned!
C:\Documents and Settings\Owner\My Documents\My Pictures\Pretty,pretty pictures\...WTF......jpg... file could not be scanned!
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP546\A0099734.dll... file could not be scanned!
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP546\A0099754.exe... file could not be scanned!
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP546\A0099763.exe... file could not be scanned!
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP547\A0099794.exe... file could not be scanned!
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP547\A0099802.exe... file could not be scanned!
C:\WINDOWS\ld12.exe... file could not be scanned!
No virus body found.
Files scanning finished (128538 files, 0 infected, 6211.4s).
Drives scanned: C: D:
----------
7/8/2009, 1:53:49 PM
Memory scanning started...
No virus body found in memory.
Memory scanning interrupted (23.6s).
----------

So, please help me when you get a chance! Thank you!

#4 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:04:47 AM

Posted 10 July 2009 - 05:12 PM

I believe you are mistaken, that is not a DDS log
A DDS log does not belong in this forum anyways

Please check your PM's, I sent you one

Right-click on the Task Bar and open Task Manager
In the Applications window, end all running tasks
Start a new task and type explorer.exe
This should bring up the Desktop and you should be able to run some scans

Run Mbam if you can and post the log
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#5 mrmus

mrmus
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:04:47 AM

Posted 11 July 2009 - 01:23 PM

Hey Thanks for getting back with me! We got it fixed finally...we did a system restore. You are correct...the dds file was from another program that I tried to remedy the situation with. Thank you for your guidance! You guys are great!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users