Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

virus damage net


  • Please log in to reply
4 replies to this topic

#1 OunDream

OunDream

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:40 PM

Posted 15 August 2009 - 01:59 PM

hallo ,

i'm new here , just join yesterday . a few days ago i was browsing through tha forum on how to get rid of uca' virus or somethin like that ,i download super anit adware cause tha virus was blockin me from usin malwarebytes .. but after i got rid of it with super anti-adware i install comodo i think that's what's it's called for a firewall . i installed it an restated my comp an ran it in quick scan an full scan , it caught 92 virus i deleted them then restart my comp but after i restarted my comp i notice my wireless is not workin an not sure what kind of virus it is or how to deal with it .

i know it's some sort of virus cause my girl is usin wireless too an she can connect on it fine on her laptop but i can't , it always say limited connection or not connected at all . i' have both malwarebytes , super anti-adware for virus scanner an avira

also i'm runnin window xp sp3

any help would be thankful ,
take care all

BC AdBot (Login to Remove)

 


#2 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:03:40 PM

Posted 15 August 2009 - 02:02 PM

Let's get a good look at what's running on that computer.

Please download and run Processexplorer

http://technet.microsoft.com/en-us/sysinte...s/bb896653.aspx

Under file and save as, create a log and post here

copy and paste into a reply

You will need to use a jump drive to transfer to your computer from a working one

Hold down the shift key when connecting it to either computer

Edited by DaChew, 15 August 2009 - 02:03 PM.

Chewy

No. Try not. Do... or do not. There is no try.

#3 OunDream

OunDream
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:40 PM

Posted 16 August 2009 - 04:11 AM

mkay here you go

Process PID CPU Description Company Name
System Idle Process 0 93.18
Interrupts n/a Hardware Interrupts
DPCs n/a Deferred Procedure Calls
System 4
smss.exe 424 Windows NT Session Manager Microsoft Corporation
csrss.exe 488 Client Server Runtime Process Microsoft Corporation
winlogon.exe 516 Windows NT Logon Application Microsoft Corporation
services.exe 560 0.76 Services and Controller app Microsoft Corporation
svchost.exe 760 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 804 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 844 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 904 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1008 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1032 Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 1140 Spooler SubSystem App Microsoft Corporation
sched.exe 1236 Antivirus Scheduler Avira GmbH
svchost.exe 1656 Generic Host Process for Win32 Services Microsoft Corporation
avguard.exe 348 Antivirus On-Access Service Avira GmbH
AppleMobileDeviceService.exe 404 Apple Mobile Device Service Apple Inc.
mDNSResponder.exe 456 Bonjour Service Apple Inc.
svchost.exe 936 Generic Host Process for Win32 Services Microsoft Corporation
jqs.exe 988 Java™ Quick Starter Service Sun Microsystems, Inc.
nvsvc32.exe 1508 NVIDIA Driver Helper Service, Version 45.28 NVIDIA Corporation
svchost.exe 2264 Generic Host Process for Win32 Services Microsoft Corporation
ViewpointService.exe 2388 ViewMgr Viewpoint Corporation
ViewMgr.exe 3544 ViewMgr Viewpoint Corporation
WLService.exe 2488 WLService GEMTEKS
WMP54Gv4.exe 2536 0.76 WMP54Gv4 Linksys
wmpnetwk.exe 2544 1.52 Windows Media Player Network Sharing Service Microsoft Corporation
searchindexer.exe 2596 Microsoft Windows Search Indexer Microsoft Corporation
searchprotocolhost.exe 1604 Microsoft Windows Search Protocol Host Microsoft Corporation
searchfilterhost.exe 1868 Microsoft Windows Search Filter Host Microsoft Corporation
hpzipm12.exe 3992 PML Driver HP
iPodService.exe 4028 iPodService Module Apple Inc.
alg.exe 412 Application Layer Gateway Service Microsoft Corporation
lsass.exe 572 LSA Shell (Export Version) Microsoft Corporation
explorer.exe 1540 0.76 Windows Explorer Microsoft Corporation
hpsysdrv.exe 1832 hpsysdrv Hewlett-Packard Company
HpqCmon.exe 1860 HpqCmon MFC Application
hphmon05.exe 1888 HPHmon05 Hewlett-Packard
kbd.exe 1904 KBD EXE Hewlett-Packard Company
ltmsg.exe 2024 ltmsg Agere Systems
shwicon2k.exe 2044 Sunkist Alcor Micro, Corp.
ALCXMNTR.EXE 140 Realtek Audio - Event Monitor Realtek Semiconductor Corp.
rundll32.exe 296 Run a DLL as an App Microsoft Corporation
realsched.exe 464 RealNetworks Scheduler RealNetworks, Inc.
iTunesHelper.exe 892 iTunesHelper Module Apple Inc.
hpztsb09.exe 948 HP
jusched.exe 972 Java™ Platform SE binary Sun Microsystems, Inc.
avgnt.exe 1320 Antivirus System Tray Tool Avira GmbH
msnmsgr.exe 1444 Windows Live Messenger Microsoft Corporation
aim6.exe 1280 AIM AOL LLC
aolsoftware.exe 3072 AOL AOL LLC
ISUSPM.exe 1536 Macrovision Software Manager Macrovision Corporation
ctfmon.exe 1556 CTF Loader Microsoft Corporation
veohwebplayer.exe 1568 Veoh Web Player Beta Veoh Networks
btdna.exe 1712 DNA BitTorrent, Inc.
wmpnscfg.exe 1776 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation
SUPERAntiSpyware.exe 1784 SUPERAntiSpyware Application SUPERAntiSpyware.com
WindowsSearch.exe 2176 Windows Search System Tray Microsoft Corporation
SpamSub.exe 2360 SpamSubtract interMute, Inc.
procexp.exe 3672 3.03 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
rundll32.exe 1760 Run a DLL as an App Microsoft Corporation
Ymsgr_tray.exe 1700 Yahoo! Messenger Tray Yahoo! Inc.

#4 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:03:40 PM

Posted 16 August 2009 - 06:13 AM

Run SAS again as specified in these directions

Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen and exit the program.
  • Do not run a scan just yet.
Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Scan with SUPERAntiSpyware as follows:
  • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
Since I am going to need to see some logs and you will need to be able to download some more tools, we need to use another computer and a usb drive to transfer with.

Have you tried connecting wired or with safe mode with networking?
Chewy

No. Try not. Do... or do not. There is no try.

#5 OunDream

OunDream
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:40 PM

Posted 17 August 2009 - 04:25 AM

Generated 08/17/2009 at 00:59 AM

Application Version : 4.27.1002

Core Rules Database Version : 4056
Trace Rules Database Version: 1996

Scan type : Complete Scan
Total Scan Time : 02:40:20

Memory items scanned : 457
Memory threats detected : 0
Registry items scanned : 7372
Registry threats detected : 0
File items scanned : 143980
File threats detected : 2

Adware.Tracking Cookie
C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt

Adware.Vundo Variant/Rel
C:\WINDOWS\SYSTEM32\KJJLM.TMP

mkay i ran it an it pick up two things , also i wasn't able to do it in safe mode it kept sayin that it close abnormally.. so i just did it normally




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users