Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

i have black internet virus


  • Please log in to reply
6 replies to this topic

#1 Dylanj5333

Dylanj5333

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 13 July 2010 - 06:42 PM

ok i have the black internet virus, ive seen alot of threads of people having the exact same problem as me.

Posted Image

those 4 viruses wont go away and i cant manually delete them. my problem is the "wave" on volume control keeps going down and i have to turn it back up for sound to work its very annoying; and sometimes "wave" doesnt even move at all but i just have to touch it and sound works again.., and i have ads from IE popup sometimes and i use firefox, and i have voice ads saying "congratulations u won" and sometimes i hear some music.

ive tried going safe mode and deleting the viruses it still doesnt work so what should i do?

also no idea how i got this virus i was talking on ventrilo and my sound just stopped working.. this happened like 2 days ago and i found out why it stopped working yesterday i think.. because of the wave problem :/

oh and also i hear alot of page clicking for no reason

oh yea OS is windows xp


REFER TO MY LAST POST FOR AN UPDATE I NEED HELP BAD

Edited by Dylanj5333, 14 July 2010 - 12:49 AM.


BC AdBot (Login to Remove)

 


#2 Dylanj5333

Dylanj5333
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 13 July 2010 - 07:29 PM

any of the mods here? ive seen some topics of the same problem as me and they say post logs or something

#3 Dylanj5333

Dylanj5333
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 13 July 2010 - 08:39 PM

hijackthislog:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:35:51 PM, on 7/13/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\system32\hkcmd.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Analog Devices\Core\smax4pnp.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\WINDOWS\system32\sndvol32.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "D:\Program Files\Outlook Express\msimn.exe" //mailurl:mailto:info@antibesyachtwear.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {0A02F1A3-3984-4BF6-A72B-61F2E08420B6} - d:\windows\system32\livqqgx.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] D:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] D:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.micr...veX/MSDcode.cab
O20 - Winlogon Notify: esaddahs - D:\WINDOWS\SYSTEM32\livqqgx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Performance Logs and Alerts SysmonLogEventSystem (SysmonLogEventSystem) - Unknown owner - ˜.exe (file missing)

--
End of file - 4596 bytes






malwarebytes quick scan log:





Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4310

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/13/2010 9:57:34 PM
mbam-log-2010-07-13 (21-57-34).txt

Scan type: Quick scan
Objects scanned: 143640
Time elapsed: 23 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a02f1a3-3984-4bf6-a72b-61f2e08420b6} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\esaddahs (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{0a02f1a3-3984-4bf6-a72b-61f2e08420b6} (Trojan.Vundo.H) -> Delete on reboot.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
d:\WINDOWS\system32\livqqgx.dll (Trojan.Vundo.H) -> Delete on reboot.

Edited by Dylanj5333, 13 July 2010 - 09:01 PM.


#4 Dylanj5333

Dylanj5333
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 13 July 2010 - 09:39 PM

bump, i tried what it said on this thread http://www.bleepingcomputer.com/virus-remo...sing-tdsskiller

still didnt work this is what it said..

Posted Image

i clicked a key like it said and it just closed out so that doesnt work -.-

Edited by Dylanj5333, 13 July 2010 - 09:40 PM.


#5 Dylanj5333

Dylanj5333
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 13 July 2010 - 11:26 PM

~update~

i deleted those 4 things by doing ComboFix, now on malwarebytes it says i have 0 viruses

BUT im still having the problems with hearing clicks and voice ads and i think the wave problem is still here idk yet

soo can someone help me please =(

Edited by Dylanj5333, 13 July 2010 - 11:34 PM.


#6 bgamsvg

bgamsvg

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 14 July 2010 - 06:16 AM

Here's a thread in another forum about that "Black Internet":

http://forums.steampowered.com/forums/show...d.php?t=1360160


Maybe this can help you.

#7 Dylanj5333

Dylanj5333
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 14 July 2010 - 01:39 PM

i fixed it now i think, thanks for the help...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users