Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Think I have a virus?


  • Please log in to reply
5 replies to this topic

#1 heydoe2334

heydoe2334

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 26 July 2013 - 04:30 PM

Since 2011 I haven't been able to update my computer via windows update. Every time I try to it fails. I can't turn on my Windows Firewall because it says it can't change some of my stuff and alot of my files are missing something like .dll files or something. I have tried quite a few different antivirus software's and i think total i have found like 3 trojans maybe. none of them fixed the problem. my computer is slow and has had like 3 blue screens in the last month. I hope someone can help me fix the problem. also i can't run anything as administrator and i read online that to fix that there is an update for it but of course i cant get any updates since 2011. ugh please help!


Edited by hamluis, 26 July 2013 - 06:00 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,106 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:14 AM

Posted 26 July 2013 - 04:56 PM

Why not...do a clean install or restore-to-factory-defaults, rather than trying to overcome years of problematical situations?

 

Why assert that you "think you have a virus"...when any number of things could have gone wrong since 2011 that have nothing to do with malware?

 

System manufacturer and model?

 

Louis


Edited by hamluis, 26 July 2013 - 04:57 PM.


#3 heydoe2334

heydoe2334
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 26 July 2013 - 04:59 PM

I was seeing if there was anything else anyone recommended I could do before I had to do that.


Edited by heydoe2334, 26 July 2013 - 05:00 PM.


#4 heydoe2334

heydoe2334
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 26 July 2013 - 05:05 PM

Manufacturer is eMachines and model is eME528



#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:14 AM

Posted 26 July 2013 - 06:47 PM

For your Updates first try this -

Copy / Paste the code between the lines into NOTEPAD. It must be Notepad and not Wordpad or another text editor as it will not work.

Name Update_fix.bat Note the .bat extension is Very Important - Save as .. All Files
-------------------------------------------------------------------------------------------------------------------------
net stop wuauserv
net stop cryptSvc
net stop bits
net stop msiserver
ren C:\Windows\SoftwareDistribution SoftwareDistribution.old
ren C:\Windows\System32\catroot2 catroot2.old
net start wuauserv
net start cryptSvc
net start bits
net start msiserver
pause

---------------------------------------------------------------------------------------------------------------------
Once saved to notepad, reopen notepad, select All Files > Right click Update_fix.bat > Send to Desktop
Vista and Windows 7 users must Right click on the new Gear icon and select Run as Administrator
The program will run for a few seconds, and you may be asked to Press Any Key at the end.
This usually clears out any old "blocked updates" so you can restart again.
Only ever select Express Updates to install and if offered too many (more than 5), just note the KB numbers to find them one at a time from M/soft site, with Google.

 

If you have a list of updates, you can post KB numbers and we can also provide links if you wish.

 

You will need Windows 7 SP1 for many of the updates -

 

Thank You -



#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:14 AM

Posted 26 July 2013 - 07:16 PM

Once you complete the above step, please start with these steps in order -

 

You can post one result at a time as this may be easier for you.

If you have any questions, please ask them as you go -

 

:step1: Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

 

:step2: Please download MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files
 
Click Go and copy / paste the result (Result.txt).

 

 

:step3: Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them.
NOTE : You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from safe mode.
When the scan is done Notepad will open with rKill log.
Post it in your next reply.
NOTE. rKill.txt log will also be present on your desktop.
NOTE Do NOT wrap your logs in "quote" or "code" brackets.

 

 

 

If you have any of the programs listed below already installed, they must be Updated prior to any scan -

 

 

:step4: Download Malwarebytes' Anti-Malware Free (aka MBAM)
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
Be sure to reboot the computer after you post the log.

 

 

:step5: Download SUPERAntiSpyware Free (aka SAS)
* Double-click SAS -setup.exe and follow the prompts to install the program.
* At the end, be sure to Check for Updates to be sure it is current
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to reboot the computer after you post the log.

 

 

:step6: Please download AdwCleaner by Xplode onto your desktop.

*Close all open programs and internet browsers.
*Double click on adwcleaner.exe to run the tool.
*Click on Delete.
*Confirm each time with Ok.
* NOTE :Your computer will be rebooted automatically. A text file will open after the restart.

*Please post the contents of that logfile with your next reply.
*You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

 

:step7: Scan your machine with ESET OnlineScan

This is best done with Microsoft Internet Explorer, but other directions are also left -

Turn OFF (disable) your antivirus program while you run the scans.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

1.Hold down Control and click HERE to open ESET OnlineScan in a new window.
2.Click the ESET Online Scanner button.
3.NOTE :.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

 

- 1.Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
- 2.Double click on the ESET Online Scanner icon on your desktop.

 

 4.Check "YES, I accept the Terms of Use."
 5.Click the Start button.
 6.Accept any security warnings from your browser.
 7.Under scan settings, check "Scan Archives" and "Remove found threats"
8.Click Advanced settings and select the following:
Scan potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology

 9.ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this will take some time to download the program for a first time, and then download updated data base (1 to 2  hours is not unusual)
10.When the scan completes, click List Threats
11.Click Export, and save the file to your desktop using a unique name, such as ESETScan.
- Include the contents of this report in your next reply.
12.Click the Back button.
13.Click the Finish button

 

 

 

:step8: Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.  

 

 

:step9:  Clear Cache/Temp Files
Download TFC by OldTimer to your desktop

  • Please double-click TFC.exe to run it.

    (Note: If you are running on Vista / Windows 7, right-click on the file and choose Run As Administrator).

  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.  Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

 

Thank You -






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users