Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spyware, Trojan, Virus, You Name It I Think I Have It


  • Please log in to reply
7 replies to this topic

#1 batosai_sw

batosai_sw

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Location:SyD
  • Local time:06:21 PM

Posted 30 October 2006 - 04:35 PM

I've been having problems lately with my dell laptop. I think there are soo many that it will take many many steps to make my pc back to the cleaning ways. I did an avast scans before and found 110 files affected, don't dare to delete or move most of them in the chest since I'm not sure whether the files are important to my pc or not. Did an adaware scan and results found some trojan affected files. Did a printscreen of the results, but will show it later on.

The main problem that I would like to tackle the first one is that when I do:
click windows button -->click run --> type "msconfig", my avast gave me a warning (avast on-scanner running) and says"

File name: C\WINDOWS\System32\msconfig.com\[NsPack]
Malware name: Win32-WOW-CO[trj]
Malware type: Trojan horse

So what do I do?

Ps: If you guys would like me to post a pict of the error, I did a prnt scrn of it, I could post it.

Specs
-------------------------------------------
Dell Inspiron 8600 Laptop
Microsoft Windows XP SP1 home edition
Avast antivirus installed
Adaware SE personal installed
Spybot installed
Hijackthis installed
Ccleaner installed

Edited by batosai_sw, 30 October 2006 - 04:38 PM.

Dont even think of killin my pc

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:21 AM

Posted 30 October 2006 - 07:20 PM

What OS (Win XP/2000, etc) are you using? Did you try doing an anti-virus scan in "SAFE MODE"? Have you performed any anti-spyware scans?

Download and scan with Ad-Aware SE Personal 1.06. Setup & Configure as shown here.
Note: If you encounter any problems while downloading the updates, manually download them from here.
Download and scan with SUPERAntiSypware Free for Home Users
Note: If you encounter any problems while downloading the updates, manually download and unzip them from here.

If your running Win XP/2000, download and scan with AVG Anti-Spyware 7.5 in "SAFE MODE".
(This is Ewdio 4.0 renamed. If you already have Ewido installed, please update to this version which has a special "clean driver" for removing persistent malware.) Be sure to print out the AVG Anti-Spyware Install-Scan Instructions and read the User Manual.

Then perform this online Virus scan: Trend Micro Housecall <- Use "Autoclean" and manually delete what it can't clean.
[Watch the Address bar in IE. You may receive alerts that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then Click Install ActiveX component.]

Post back if your still having problems afterwards.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 batosai_sw

batosai_sw
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Location:SyD
  • Local time:06:21 PM

Posted 30 October 2006 - 11:09 PM

As I've mentioned in my first post, I did an adaware scan. The following are picts of the results:

http://i14.tinypic.com/4gzj2ps.jpg

http://i13.tinypic.com/3zgez3a.jpg



I've tried deleting the podcasts before. But when I restart my laptop, I could not get into the internet at all.
Please advise me on this.

Edited by batosai_sw, 30 October 2006 - 11:11 PM.

Dont even think of killin my pc

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:21 AM

Posted 31 October 2006 - 08:36 AM

Most Internet connectivity problems arise out of corrupt Winsock settings due to the installation of a networking software or Malware infestation.

If your using Windows XP SP2, log on as an administrator.
Go to Start > Run and type: cmd
Press OK or Hit ENTER.
A dos Window will appear. Type or copy/paste the following: netsh winsock reset
Hit ENTER.
When the program is finished, you will receive the following message: "Successfully reset the Winsock Catalog. You must restart the machine in order to complete the reset."
Reboot your computer.

If that does not help, then your going to need access to another computer (family, friend) with Internet access. Download the following programs and save to a USB stick or CD:
LSPFix by Cexx.org
Winsock XP Fix
Transfer both to your computer and run either of them to fix the broken Winsock connection. For instructions on how to use these tools, please see: LSP-Fix Tutorial and Winsock Repair Tutorial

Also download and save these programs to the same USB stick or CD in case your Internet still does not work. Then follow the instructions for running scans with them.

Sysclean Package.
Virus Pattern Files (lptXXX.zip).
ATF Cleaner by Atribune. (This program is for XP and Windows 2000 only)
DrWeb-CureIt.
If your running Win XP/2000, also download AVG Anti-Spyware 7.5. Be sure to print out the AVG Anti-Spyware Install-Scan Instructions.
HijackThis 1.99.1. This is a self-extracting version which will automatically install HJT in the proper location if we need to use it. DO NOT fix anything with this tool unless advised.

Transfer all these programs to the infected computer. Install AVG Anti-Spyware following the instructions you printed out but do not perform a scan yet.

For the Sysclean Package do this:
  • Create a new folder on drive "C:\" ("C:\New Folder") and rename it Sysclean.
  • Place the sysclean.com inside that folder.
  • Extract the lptXXX.zip pattern file into the same folder you created for sysclean.com.
  • DISABLE your current anti-virus software. Some anti-virus programs such as Avast will alert you to a virus attack when running sysclean so it's best to disable them first. DO NOT use yet.
Note: When using Sysclean its best to use the Administrator's account or an account with Administrative rights otherwise you will not have the rights to scan some locations resulting in Access is denied log entries.

Reboot your computer in SAFE MODE" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup [but before the Windows icon appears] press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

Scan with AVG Anti-Spyware, following the instructions you printed out for scanning in safe mode.

Scan with Sysclean as follows:
  • Open the Sysclean folder and double-click on sysclean.com to run.
  • It will take some time to complete. Be patient and let it clean whatever it finds.
  • Exit when done.
Scan with DrWeb-CureIt as follows:
  • Double-click on drweb-cureit.exe to start the program.
  • An "Express Scan of your PC" notice will appear. Under "Start the Express Scan Now", Click "OK" to start.
  • Click "Select drives" and then click the "Start/Stop Scanning" button (green arrow on the right) to start.
  • When done a message will be displayed at the bottom advising if any viruses were found.
  • A log file will be created in C:\Documents and Settings\username\DoctorWeb\CureIt.log
  • Any quarantined files will be sent to C:\Documents and Settings\username\DoctorWeb\Quarantine.
  • Exit the program and reboot normally.
Finally, make sure you re-enable your anti-virus program.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 batosai_sw

batosai_sw
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Location:SyD
  • Local time:06:21 PM

Posted 02 November 2006 - 08:46 PM

Hmm, I just got a blue screen error. Is reformatting the pc last resort to a clean, virus, trojan, malware free?? Because I think I might be opting for that out of frustration.
Dont even think of killin my pc

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:21 AM

Posted 03 November 2006 - 05:56 AM

At which step are you getting the blue screen error and what specifically does it say?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 batosai_sw

batosai_sw
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Location:SyD
  • Local time:06:21 PM

Posted 03 November 2006 - 05:08 PM

The blue screen error appears when I was not doing anything. it says: "page_default_in_nonpaged_area".
I'm not sure whether that is the necessary error msg 'cos that's the only part that I took notice of.

*Edit: I've formatted my laptop, so I guess these problems can be said to be solved. MODs can close this thread if they wish.
Thanks again to quietman for your help.

Edited by batosai_sw, 04 November 2006 - 04:08 AM.

Dont even think of killin my pc

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:21 AM

Posted 04 November 2006 - 07:07 AM

That particular error sounds more like a hardware related issue due to a failed processor fan, bad memory (RAM), failing power supply, CPU overheating, motherboard, drivers, etc. I realize that you already reformatted but if the same problems starts again you may want to start investigating for some of these hardware issues.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users