Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Have A Virus, Computer Can't Quarantine It, Can't Manually Delete It, Know Nothing About Computers...


  • Please log in to reply
9 replies to this topic

#1 Computer Illiterate

Computer Illiterate

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:42 AM

Posted 09 February 2007 - 07:00 PM

Yeah, I think you can probably understand why I'm frustrated right now.

I'm new to this site and am absolutely computer illiterate. So please, use terms that someone like me might be able to understand.

I have Windows XP on my computer. It was made in 2005 by Dell and it's a desktop that is like plasma or LCD (I don't know if that matters... remember I know NOTHING about computers...)

I've been having a problem with viruses (viri?) on my computer for quite a while ago, and I get this popup from Microsoft PC-Cillin, which sometimes says if I have a virus. I was able to delete one of these viruses manually (which took computer-illiterate me FOREVER to find) but now I'm getting this new one, and while it didn't take me that long to find it, when I pressed delete, it wouldn't work...

The folder this virus is in is called...
C:\Windows\System32\kbdadm.dll (I think that's right...)
The virus name is apparently TROJ_CONHOOK.AK

There are a bunch of files that begin with KBD after that... I think it might mean keyboard, because it says for every other file after it that it is the default keyboard layout for every country (such as kbdus.dll would be the one for the United States...)

This one doesn't say it was from a country, though. As a matter of fact, I can't think of a country that begins with "adm". So I don't think it's an actual country.

BUT, if this means anything, it says that the folder was created on June 16, 2006... just this past summer, which is around the time when my computer started getting these problems (well, I remember a while where there were no issues, and I only got this for Christmas at the end of 2005...) I'm wondering if this might mean something...?

When I deleted a virus once before, I still got all the popups and stuff I had been getting. But I only found out about this virus today, and I think this might be it. If it's been there all this time, how has nothing been able to get rid of it? Over these past few months, I have run spyware, adware, antivirus programs... everything that I know of and after all these months, nothing has been able to get rid of it.

I have a feeling (and it's really only a feeling, knowing nothing about computers I have no proof) that the reason nothing has gotten rid of this file is because it is basically "undeleteable". But I was also hoping that you computer-smart people might have some program that can get rid of "undeleteable" files like these... in other words, files that won't go away with ordinary programs like the ones I've mentioned? Is there something you guys can suggest I do? Or am I hopeless...?

I'm a senior in high school this year, going through this whole college application process (and no, I'm NOT majoring in computers, as you could probably expect) and I need to do all these applications online. All the deadlines and stuff are coming up, and when I'm in sometimes in the middle of stuff like that, popups will start coming up and they will be "not responding", so I have to start them AGAIN or restart my computer altogether. And to be honest, I'm sick of it!!!!! This time in my life is ALREADY stressful enough, I don't need anything else... erm, sorry there, got a little sidetracked...

But my point is... why are some files just basically "undeleteable"? I just cannot live like this anymore. I'm sick and tired of all these popups. Not only are they annoying and slow, in some cases they are just plain DISGUSTING (I hope you know what I'm talking about... if you were able to put that green puking smiley at the bottom into this post, I would definitely do that...) My younger sister sometimes uses my computer, and these are the kind of things that I really DO NOT want her to see... I hope you understand.

Whoa... that was long. But I also want to put this in:

Ever since I got my computer (and my sister's computer does this too... I don't think it's a coincidence...)

I sometimes get the "blue screen of death" if you will, and I always get the same message - DRIVER_IRQL_ NOT_LESS_OR_EQUAL. Being computer illiterate, I have absolutely no idea what that means. I've googled it and found some things that are supposedly able to fix it, but the explanation they give as to HOW one is actually supposed to use these things is just not in a language that computer illiterate me would ever be able to understand. I was hoping somebody here could translate, and whatever that driver is, is it true you can download those online...? My friend told me that you could, but I'm not sure, so just asking...?

In both of these instances, I ask you only one question.

WHAT SHOULD I DO?

I hope you will be able to help me.

:thumbsup: ~Computer Illiterate~ :flowers:

P.S. If it means anything, the Windows Explorer thing (is that what it's called...?) gives me this little blurb whenever I try to delete said file, saying it is using a program that made it impossible, even when I close every program other than Windows Explorer... how is this possible?

Thanks in advance!

Moderator Edit: Moved topic to more appropriate forum. ~ Animal

Edited by Animal, 09 February 2007 - 07:30 PM.


BC AdBot (Login to Remove)

 


m

#2 Horse Box

Horse Box

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Local time:08:42 AM

Posted 09 February 2007 - 07:06 PM

Search your browser for SUPERspyware its free download for home users this maybe of some help!

When you click download just follow the screen instructions and it will guide you through it. If your system is old it might be slow or if you are using a standard modem (Not Broadband). Also this is a guide and may not fix your problem but it is a start.
Nie ma satso

#3 Computer Illiterate

Computer Illiterate
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:42 AM

Posted 09 February 2007 - 07:09 PM

Holy bejeezus, I just scrolled down the page and looked at other topics, and it looks like someone has the EXACT same problem as I do... (well, the second one.)

Horse_box... I'm not sure I understand what you're saying... does Super Spyware really make that much of a difference? And where can I find it? You didn't mention a link...

And no, I am NOT using a modem or anything slow like that... I have a... uh... what's that thing called? The really fast wireless thing (computer illiterate me can't remember!)

I actually haven't gotten popups in the past half an hour, which is good for me. But I still need help!

#4 Uraiser

Uraiser

  • Members
  • 254 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Antonio, TX
  • Local time:03:42 AM

Posted 09 February 2007 - 07:11 PM

DRIVER_IRQL_ NOT_LESS_OR_EQUAL.



I believe this means that 2 pieces of hardware are on the same IRQ. The drivers are trying to load conflict with each other thus causing your BSOD.


There are a few things you can do to fix this, but lets get to your virus first.

I suggest using a program called Hijackthis!


Then, once you've scanned your computer, submit your log to this board to have it analyzed. While that is going on, I'll do research on your virus that you have found, see what kind of payload it delivers and what kind of damage we may have to deal with.

#5 Computer Illiterate

Computer Illiterate
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:42 AM

Posted 09 February 2007 - 07:12 PM

Oh my god... thanks Uraiser!

I'll try that right now...

#6 Uraiser

Uraiser

  • Members
  • 254 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Antonio, TX
  • Local time:03:42 AM

Posted 09 February 2007 - 07:13 PM

Holy bejeezus, I just scrolled down the page and looked at other topics, and it looks like someone has the EXACT same problem as I do... (well, the second one.)

Horse_box... I'm not sure I understand what you're saying... does Super Spyware really make that much of a difference? And where can I find it? You didn't mention a link...

And no, I am NOT using a modem or anything slow like that... I have a... uh... what's that thing called? The really fast wireless thing (computer illiterate me can't remember!)

I actually haven't gotten popups in the past half an hour, which is good for me. But I still need help!




You're on a wireless network. Either cable or dsl.


and no problem, I'll get on the virus work as soon as I get home. Dont worry, we'll get you taken care of.

Edited by Uraiser, 09 February 2007 - 07:15 PM.


#7 Computer Illiterate

Computer Illiterate
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:42 AM

Posted 09 February 2007 - 07:15 PM

Yeah, it's DSL! Wow, how could I not remember that...

Anyways, I'm on that HijackThis website... the way they describe it makes it sounds like it should REALLY work (like they said it's only after you've tried EVERYTHING...) but the one problem I have is... what do I click in order to start it?

Also, it says it's for more advanced users, which I'm pretty sure I've made it clear that I'm not. How much computer knowledge do you really need for that stuff?

#8 Computer Illiterate

Computer Illiterate
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:42 AM

Posted 09 February 2007 - 07:21 PM

Okay, I have to go and get ready for dinner right now. We have some friends over who are eating with us, and we're probably all gonna watch a movie or something afterward, so I'll be gone for a while.

I will check back in later on tonight, though. Tomorrow at the earliest.

Thank you all so much!!!!!

:thumbsup: ~Computer Illiterate~ :flowers:

#9 Horse Box

Horse Box

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Local time:08:42 AM

Posted 09 February 2007 - 07:57 PM

www.superantispyware.com

try that to kill virus. Follow on screen instructions.

I am running McAfee Anti-Virus software with updates to protect
against virus's but I pay for this service.

Kind regards


Horse Box :thumbsup:
Nie ma satso

#10 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,699 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:03:42 AM

Posted 09 February 2007 - 09:01 PM

Welcome Computer Illiterate :thumbsup:

To clarify and add to the directions you have received thus far:

Download AVG AntiSpyware 7.5 (formerly Edwido) found here: http://www.ewido.net/en/download/
Directions for use in both normal and safe modes are provided here by our own quietman7:
http://www.castlecops.com/t137442-CCSP_Ewi...structions.html
You will also find the directions to disable the real-time scanning which I would advise doing right away as it is only available for the paid version which the free version is like for the first 30 days. I would suggest doing the scan in safe mode after setting up the proper scanning selections.
+++++++++++++++++++
Next:
Download and install SUPERAntiSpyware free found here: http://www.superantispyware.com/superantis...efreevspro.html

Be sure to click on the download button to the left, not on the free trial download on the right.

Install it and double-click the icon on your desktop to run it.
It will ask if you want to update the program definitions, click Yes.
Under Configuration and Preferences, click the Preferences button.
Click the Scanning Control tab.
Under Scanner Options make sure the following are checked:
o Close browsers before scanning
o Scan for tracking cookies
o Terminate memory threats before quarantining.
o Please leave the others unchecked.
o Click the Close button to leave the control center screen.
On the main screen, under Scan for Harmful Software click Scan your computer.
On the left check C:\Fixed Drive.
On the right, under Complete Scan, choose Perform Complete Scan.
Click Next to start the scan. Please be patient while it scans your computer.
After the scan is complete a summary box will appear. Click OK.
Make sure everything in the white box has a check next to it, then click Next.
It will quarantine what it found and if it asks if you want to reboot, click Yes.
To retrieve the removal information for me please do the following:
o After reboot, double-click the SUPERAntispyware icon on your desktop.
o Click Preferences. Click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o It will open in your default text editor (such as Notepad/Wordpad).
o Please highlight everything in the notepad, then right-click and choose copy.
Click close and close again to exit the program.
+++++++++++++

+++++++++++++++++++
Having done that, please follow the directions in this guide. Then create an HJT log, you will find the directions in the guide. As you said, HiJack This is for advanced users which is why we have the HJT forum. So create a new topic in this forum, not here and give it a good descriptive title. Briefly summarize what the problems are, what you have done to try to solve it, and what worked and didn't work and paste in your HJT log.

After you post your log, DO NOT make any further changes to your computer: deleting files, editing the registry, using special fix tools, installing or uninstalling software etc. as this will make it more difficult for the HJT team to help you.

Please be patient as the HJT team is very busy. DO NOT bump your log as the team may think that someone is already helping you. If you have not had a response in five days, add a response to the five days no response topic and paste in the link to your thread.

Orange Blossom :flowers:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users