Solve : possible virus/trojan?

1.	Solve : possible virus/trojan?
Answer» I have zonealarm pro installed on my system and the virus check stated i had a possible virus and said that it was unable to remove. I think i may have it safely quarantined at the moment. i have followed the initial instructions and have posted my logs. Any help to see if I am now safe would be appreciated. [attachment deleted by admin]Use the Kaspersky Lab Online Scanner In Microsoft Windows Vista, you must open the Web browser using the Run as Administrator command. From the Desktop right click the icon to open the browser and choose Run as Administrator. Click on SCAN NOW Click Accept. The program will then begin downloading the latest definition files. Once the files have been downloaded locate the Scan Settings and have it scan My Computer. The scan will take a while, so be patient and let it finish. When the scan is done, in the Scan is complete window, any infection is displayed. There is no option to clean/disinfect, however, we need to analyze the information on the report. To obtain the report: Click on: Save Report As Next, in the Save as prompt, Save in area, select: Desktop. In the File name area use KScan, or something similar. In Save as type: click the drop arrow and select: *Text file [.txt] Then, click: Save Copy and paste the Kaspersky Online Scanner Report in your next reply. Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.unable to use the kaspersky online scanner. Keep getting error that it is unable to start. No other virus scanners or malware scanner is running while trying.Download ComboFix© by sUBs from one of the below links. Be sure top save it to the Desktop. LINK #1 Link #2 Note: It is important that it is saved directly to your Desktop Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix. Temporarily disable your antivirus, and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be DISABLED and how to disable them. Double click combofix.exe & follow the prompts. When finished ComboFix will produce a log for you. Post the ComboFix log in your next reply. Important: Do not MOUSECLICK ComboFix's window while it is running. That may cause it to stall. Remember to re-enable your antivirus and antispyware protection when ComboFix is complete. If you have problems with ComboFix usage, see How to use ComboFixok forgot to turn off zonealarm and its forcefield for the browser and kaspersky is now running and i am waiting on the result. Should i let it finish and submit the log or do you want me to run combofix also?Do the Kaspersky first. ComboFix might not be needed.Here is the kaspersky log. [attachment deleted by admin]Did you install mIRC?yes long time agoOK looks good then. How is the computer running now? seems to be ok. no problemsDelete ComboFix, we won't need it. Final steps. Clear your System Restore of infected Restore points. Go to Start, then Programs, then Accessories, then System Tools Choose System Restore When the program starts, make sure that Create a Restore Point is checked, the click Next Give the restore point a name, then click Create, then Close to complete . ---------- Use the Secunia Software Inspector to check for out of date software. Click Start Now Check the box next to Enable thorough system inspection. Click Start Allow the scan to finish and scroll down to see if any UPDATES are needed. Update anything listed. . ---------- Go to Microsoft Windows Update and get all critical updates. ---------- I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free. SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox. * Using SpywareBlaster to protect your computer from Spyware and Malware * If you don't know what ActiveX controls are, see here Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future. Also see Slow Computer? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smooth.Thank you for all your help. Really appreciate it Your welcome. Safe surfing...

Answer»

I have zonealarm pro installed on my system and the virus check stated i had a possible virus and said that it was unable to remove. I think i may have it safely quarantined at the moment. i have followed the initial instructions and have posted my logs. Any help to see if I am now safe would be appreciated.

[attachment deleted by admin]Use the Kaspersky Lab Online Scanner

In Microsoft Windows Vista, you must open the Web browser using the Run as Administrator command. From the Desktop right click the icon to open the browser and choose Run as Administrator.

Click on SCAN NOW
Click Accept.
The program will then begin downloading the latest definition files.
Once the files have been downloaded locate the Scan Settings and have it scan My Computer.
The scan will take a while, so be patient and let it finish.

When the scan is done, in the Scan is complete window, any infection is displayed.
There is no option to clean/disinfect, however, we need to analyze the information on the report.

To obtain the report:
Click on: Save Report As

Next, in the Save as prompt, Save in area, select: Desktop.
In the File name area use KScan, or something similar.
In Save as type: click the drop arrow and select: Text file [*.txt]
Then, click: Save

Copy and paste the Kaspersky Online Scanner Report in your next reply.

Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.unable to use the kaspersky online scanner. Keep getting error that it is unable to start. No other virus scanners or malware scanner is running while trying.Download ComboFix© by sUBs from one of the below links. Be sure top save it to the Desktop.

LINK #1
Link #2

**Note: It is important that it is saved directly to your Desktop

Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your antivirus, and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be DISABLED and how to disable them.

Double click combofix.exe & follow the prompts.
When finished ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not MOUSECLICK ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

If you have problems with ComboFix usage, see How to use ComboFixok forgot to turn off zonealarm and its forcefield for the browser and kaspersky is now running and i am waiting on the result. Should i let it finish and submit the log or do you want me to run combofix also?Do the Kaspersky first. ComboFix might not be needed.Here is the kaspersky log.

[attachment deleted by admin]Did you install mIRC?yes long time agoOK looks good then.

How is the computer running now? seems to be ok. no problemsDelete ComboFix, we won't need it.

Final steps.

Clear your System Restore of infected Restore points.

Go to Start, then Programs, then Accessories, then System Tools
Choose System Restore
When the program starts, make sure that Create a Restore Point is checked, the click Next
Give the restore point a name, then click Create, then Close to complete

.
----------

Use the Secunia Software Inspector to check for out of date software.

Click Start Now
Check the box next to Enable thorough system inspection.
Click Start
Allow the scan to finish and scroll down to see if any UPDATES are needed.
Update anything listed.

.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smooth.Thank you for all your help. Really appreciate it Your welcome.

Safe surfing...

Solve : possible virus/trojan?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment