Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I got the Onpay virus


  • Please log in to reply
16 replies to this topic

#1 jukes

jukes

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:12 AM

Posted 03 November 2012 - 04:40 PM

I "got the Onpay virus" today and that is one of the reasons for visiting and then signing up for this site. I just did the (above) steps and when I tried to download aswMBR, it gives me an IE error that the page cannot be loaded. What do I do? I can use IE just fine so has the page been moved? I need help bad. I keep "unhiding" the files and they keep "hiding again!"

THANKS!!!!

BC AdBot (Login to Remove)

 


#2 jukes

jukes
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:12 AM

Posted 03 November 2012 - 05:30 PM

I figured out the IE error. Now it appears that "the virus" will not let me go to any web pages, even through AOL besides what I am already on. It has also "Blown up" my McAfee -leaving me wide open. Of course, I cannot reload it. I can unhide all my files as much as I want but they will just "go away again and I have to do the entire process over again.

It keeps throwing up these read/write error messages - even though I am not trying to do anything. 15 or 20 will pop up at a time! I can either hit retry or cancel and it goes away!


Any help would be so, so gratefully appreciated!

Edited by jukes, 03 November 2012 - 06:36 PM.


#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:12 AM

Posted 03 November 2012 - 05:47 PM

Boot into safemode with networking

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#4 jukes

jukes
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:12 AM

Posted 03 November 2012 - 06:40 PM

As in my previous post, I cannot Access any websites except what I am currently on. If I click a link, it just give me an IE error that the page could not be found. So, I cannot do the above. I can received emails if someone wants to email me a fix BUT it CANNOT be a link.

Thanks again.

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:12 AM

Posted 03 November 2012 - 06:53 PM

Use a different browser or copy the tools to infected PC

#6 jukes

jukes
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:12 AM

Posted 03 November 2012 - 07:35 PM

I only have IE on this computer and I can't install another because I can't get to ANY webpages besides this one. I was on this one when IE stopped allowing me to go to other web pages. I am not sure if I understand about copying the tools because if the tools are on the link that is provided, I can't get to them. If I just copy and paste aswMBR to my PC, once again, it will not work because it tries to open a link (avg.com).

I will probably have to purchase some software tomorrow to get me up and running. It's the only thing I know to do. IF I could get that EXE file from avg.com and run it myself, I would but once again, I can't get to it.

I am going to have to shut my computer down soon. I would keep it up but a) I am vulnerable to attacks, and b)these read/write errors pop up 20 at a time every 5-10 minutes.

Edited by jukes, 03 November 2012 - 07:44 PM.


#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:12 AM

Posted 03 November 2012 - 07:54 PM

Download all the tools to another PC.Use a flash drive to copy those tools to the infected one.Run the tools and post the log.

#8 jukes

jukes
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:12 AM

Posted 04 November 2012 - 10:54 AM

Right now, I am very lucky. I discovered I had Chrome on this computer- originally it did not work as it was looking for chrome.com (it did a diagnostics) and said something to the affect that there was no problem with the connection, however, there were internal (paraphrase) firewalls preventing me from getting out of ports such and such. I was going to do the above - I borrowed a friend's laptop - the flash drive when plugged into the laptop worked just fine. However, when I put the flash drive into the infected computer, it said that the drive was not formatted and formatting it would cause it to loose all data - I was like, this thing (virus) is "growing" into a monster. I just so happened, I was following some other instructions and my computer is in safe mode. I loaded AOL, for reasons that don't matter, it said that I had to install something like Adobe Flash - I will come back and edit this with all of the correct names. Then, it reloaded Chrome and I was able to get out! So, right now, I am on the forum, using Chrome and will start following the steps for a fix. The reason I am writing all of this up is for people in the future....

#9 jukes

jukes
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:12 AM

Posted 04 November 2012 - 12:49 PM

I downloaded (a couple of times due to all of the problems) TDSSkiller with no problems and it put an icon on my desktop so that I can run it. I have a couple of logs from that. I downloaded aswMBR SEVERAL times and there is no icon - downloaded in safe mode and regular. I can't find anything in the program files???? I don't know. I don't know if I was being stupid or not but I decided to download ESET online scanner and it showed up perfectly - Icon, etc.

Being stupid, I decided to go ahead and run it to see the results. The results are as follows - moly crude - it disappeared! I started to run it again - it only picked up where it left off and it had already found two threats but I did not write them down. I can let it finish and try again.

I do not know how my computer got this far but I think I am going to have to call a technical support person to come to my house - really don't have the money but what can I do? I appreciate the help from NARNXP very much but my computer is just too far gone.

I have questions like - If I did a system restore - would that work or not because this is a root virus?
If I used my windows recovery CD, would that work?

Another Issue - I got my McAfee back but as far as REAL TIME SCANNING, I turn it on, 10 seconds "IT" turns it off, over and over and over.

Edited by jukes, 04 November 2012 - 02:04 PM.


#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:12 AM

Posted 04 November 2012 - 12:53 PM

I downloaded (a couple of times due to all of the problems) TDSSkiller with no problems and it put an icon on my desktop so that I can run it. I have a couple of logs from that.


I would like to see the log

I have a couple of logs from that. I downloaded aswMBR SEVERAL times and there is no icon - downloaded in safe mode and regular. I can't find anything in the program files????


Read my instructions.I never mentioned anything about program files

I have questions like - If I did a system restore - would that work or not because this is a root virus?


System restore should work.

If I used my windows recovery CD, would that work?


You can use it but before that backup your data.

#11 jukes

jukes
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:12 AM

Posted 04 November 2012 - 02:28 PM

My apologies for thinking it would be in the program files - I was just looking for it
to run it and yes, I mistakenly read the instructions incorrectly. I do not have a log for that.

I do have the text file for TDSSkiller as I said and you requested but I need to know how to upload it to the forum. As you can tell, I don't know a whole, whole lot about computers! Thanks to guys like you, guys like me can make it!

Also, I don't know if it did any good but I ran the ESET online scanner and yes, I exported the results to a text file. If you would like that, I also need to know how to get that to you.

Thanks again for your help and patience. Thank you.

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:12 AM

Posted 04 November 2012 - 02:41 PM

Just copy / paste the contents of the log here

ESET online scanner log is here

C:\Program Files\EsetOnlineScanner\log.txt

#13 jukes

jukes
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:12 AM

Posted 04 November 2012 - 03:22 PM

Just copy / paste the contents of the log here

ESET online scanner log is here

C:\Program Files\EsetOnlineScanner\log.txt



#14 jukes

jukes
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:12 AM

Posted 04 November 2012 - 03:31 PM

I am now up the creek without a paddle. I was going to do a system restore an I. closed out all of my programs including chrome and Internet Explorer. I am doing this reply via my phone. Remember also that it will not let me use a flash drive or CD to copy the files and send them via another computer. I have got to take a break because I have been at this computer all day.

Also it will not let me do a paste in certain locations but we will wait and see what happens. I cannot even do a system restore as it blocks me with an error

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:12 AM

Posted 04 November 2012 - 03:39 PM

I would suggest you to back up data ,use recovery CD to reinstall operating system.This should be the best option at this stage.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users