Solve : The Virus Alert Virus?

1.	Solve : The Virus Alert Virus?
Answer» Okay now lets take away the unnecessary startups the right way. Msconfig is for troubleshooting and is not a real startup manager. StartupLite * Download StartupLite by Malwarebytes to your desktop. * Double click StartupLite to launch the program. * Ensure the Disable box is checked. * Click Continue. * A pop up message will tell you the unnecessary startup items in your list have been disabled and ask you to restart your computer. * Restart your computer. ---------- Next. Run a new HijackThis scan and post the log please.I'm having a new problem. I can't open msconfig or any other application for that matter. I am asked which program I would like to use to open the file with, the .exe files! When I try to open firefox, it asks me what I should open firefox with! I can't run anything now except the internet, and apparently, I'm lucky to be able to do that. I'm so frustrated with this.Even with the startup lite...i can download the setup file, but when i try to run it, it asks me what program to open it with. Yesterday, I got an error REGARDING rundll32.exe.Hi , I guess that is time to format and reinstall your operating system. RegardsTry not to restart the computer until one of the tools we use does it for you or tells you to. If one of the tools will not run just go on to the next one. Save the logs to post in your next reply. 1) Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run. There are 4 different versions. If one of them won't run then download and try to run the next one. Vista and Windows 7 users need to right click Rkill and choose Run as Administrator You only need to GET one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus. * Rkill.com * Rkill.scr * Rkill.pif * Rkill.exe * Double-click on the Rkill desktop icon to run the tool. * If using Vista or Windows 7 right-click on it and choose Run As Administrator. * A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully. * When finished it will create a log. * Please post the rkill.log in the next reply. * If Rkill does not run from the first link, delete the file, then download and use the one provided in Link 2. If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs. * Do not reboot until instructed. * If the tool does not run from any of the links provided, please let me know. Once you've gotten one of them to run then try to immediately run the following. 2) Download and run exeHelper * Please download exeHelper from Raktor to your desktop. * Double-click on exeHelper.com to run the fix. * A black window should pop up, press any key to close once the fix is completed. * A log file named log.txt will be created in the directory where you ran exeHelper.com * Add the log.txt file to your next message. Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file). 3) If you already have Malwarebytes be sure to update it before running the scan! Download Malwarebytes' Anti-Malware (MBAM) * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to the following: * Update Malwarebytes' Anti-Malware * Launch Malwarebytes' Anti-Malware * Then click Finish * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is COMPLETE, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) * The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. * Copy and Paste the entire report in your next reply. Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.All of a sudden, without doing anything, these apps now will open. I took your recommendation and ran startuplite as instructed, then ran hijackthis. Here is the new log. Should I still run RKill? Thanks a million, EF. [Saving space, attachment deleted by admin]You have picked up a new infection. Open HijackThis and select Do a system scan only Place a check mark next to the following entries: (if there) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) . Important: Close all open windows except for HijackThis and then click Fix checked. Once completed, exit HijackThis. ---------- If you already have ComboFix be sure to delete it and download a new copy. Download ComboFix© by sUBs from one of the below links. Be sure top save it to the Desktop. Link #1 Link #2 Note: It is important that it is saved directly to your Desktop Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix. Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them. Double click combofix.exe & follow the prompts. Vista users Right-Click on ComboFix.exe and select Run as administrator (you will receive a UAC prompt, please allow it) When finished ComboFix will produce a log for you. Post the ComboFix log in your next reply. Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall. Remember to re-enable your antivirus and antispyware protection when ComboFix is complete. If you have problems with ComboFix usage, see How to use ComboFixLooks like the rest of the family doesn't get time on mama's computer anymore. Here is the log and a screenshot of an error box regarding rundll when combofix was WRAPPING up. [Saving space, attachment deleted by admin]Does that error appear when you restart the computer? How is the computer running now?Well, all was going fine until I was browsing my brother's picture section on myspace. The first time it POPPED up, I was on myspace. I assumed it was from someone else browsing other things on my computer, but looks like myspace may be the culprit. This time it was Antivirus 7. Do you know of any connections between this Antivirus bug and myspace?Sorry for the delay. Are you able to run ComboFix in Safe Mode?It is definitely linked to myspace. Every time I go to someone's picture section (this time my own pics) I get a new antivirus soft virus. I'm really just posting back here to let you know that it HAS to be related to myspace, somehow. Go back to this post and try it again please. Here are the new logs. Thanks for getting me back on the wagon, I was close to giving up. [recovering disk space - old attachment deleted by admin]If you already have ComboFix be sure to delete it and download a new copy. Download ComboFix© by sUBs from one of the below links. Be sure to save it to the Desktop. Link #1 Link #2 Note: It is important that it is saved directly to your Desktop Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix. Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them. Double click combofix.exe & follow the prompts. Vista users Right-Click on ComboFix.exe and select Run as administrator (you will receive a UAC prompt, please allow it) When finished ComboFix will produce a log for you. Post the ComboFix log in your next reply. Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall. Remember to re-enable your antivirus and antispyware protection when ComboFix is complete. If you have problems with ComboFix usage, see How to use ComboFix

Answer»

Okay now lets take away the unnecessary startups the right way. Msconfig is for troubleshooting and is not a real startup manager.

StartupLite

* Download StartupLite by Malwarebytes to your desktop.
* Double click StartupLite to launch the program.
* Ensure the Disable box is checked.
* Click Continue.
* A pop up message will tell you the unnecessary startup items in your list have been disabled and ask you to restart your computer.
* Restart your computer.

----------

Next. Run a new HijackThis scan and post the log please.I'm having a new problem. I can't open msconfig or any other application for that matter. I am asked which program I would like to use to open the file with, the .exe files! When I try to open firefox, it asks me what I should open firefox with! I can't run anything now except the internet, and apparently, I'm lucky to be able to do that. I'm so frustrated with this.Even with the startup lite...i can download the setup file, but when i try to run it, it asks me what program to open it with. Yesterday, I got an error REGARDING rundll32.exe.Hi ,

I guess that is time to format and reinstall your operating system.

RegardsTry not to restart the computer until one of the tools we use does it for you or tells you to.

If one of the tools will not run just go on to the next one. Save the logs to post in your next reply.

1) Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the next one.

Vista and Windows 7 users need to right click Rkill and choose Run as Administrator

You only need to GET one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

* Rkill.com
* Rkill.scr
* Rkill.pif
* Rkill.exe

* Double-click on the Rkill desktop icon to run the tool.
* If using Vista or Windows 7 right-click on it and choose Run As Administrator.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* When finished it will create a log.
* Please post the rkill.log in the next reply.

* If Rkill does not run from the first link, delete the file, then download and use the one provided in Link 2. If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
* Do not reboot until instructed.
* If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run then try to immediately run the following.

2) Download and run exeHelper

* Please download exeHelper from Raktor to your desktop.
* Double-click on exeHelper.com to run the fix.
* A black window should pop up, press any key to close once the fix is completed.
* A log file named log.txt will be created in the directory where you ran exeHelper.com
* Add the log.txt file to your next message.

Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).

3) If you already have Malwarebytes be sure to update it before running the scan!

Download Malwarebytes' Anti-Malware (MBAM)

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to the following:

* Update Malwarebytes' Anti-Malware
* Launch Malwarebytes' Anti-Malware

* Then click Finish
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is COMPLETE, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy and Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.All of a sudden, without doing anything, these apps now will open. I took your recommendation and ran startuplite as instructed, then ran hijackthis. Here is the new log. Should I still run RKill? Thanks a million, EF.

[Saving space, attachment deleted by admin]You have picked up a new infection.

Open HijackThis and select Do a system scan only

Place a check mark next to the following entries: (if there)

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

.
Important: Close all open windows except for HijackThis and then click Fix checked.

Once completed, exit HijackThis.

----------

If you already have ComboFix be sure to delete it and download a new copy.

Download ComboFix© by sUBs from one of the below links. Be sure top save it to the Desktop.

Link #1
Link #2

**Note: It is important that it is saved directly to your Desktop

Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double click combofix.exe & follow the prompts.
Vista users Right-Click on ComboFix.exe and select Run as administrator (you will receive a UAC prompt, please allow it)
When finished ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

If you have problems with ComboFix usage, see How to use ComboFixLooks like the rest of the family doesn't get time on mama's computer anymore. Here is the log and a screenshot of an error box regarding rundll when combofix was WRAPPING up.

[Saving space, attachment deleted by admin]Does that error appear when you restart the computer?

How is the computer running now?Well, all was going fine until I was browsing my brother's picture section on myspace. The first time it POPPED up, I was on myspace. I assumed it was from someone else browsing other things on my computer, but looks like myspace may be the culprit. This time it was Antivirus 7. Do you know of any connections between this Antivirus bug and myspace?Sorry for the delay.

Are you able to run ComboFix in Safe Mode?It is definitely linked to myspace. Every time I go to someone's picture section (this time my own pics) I get a new antivirus soft virus. I'm really just posting back here to let you know that it HAS to be related to myspace, somehow. Go back to this post and try it again please. Here are the new logs. Thanks for getting me back on the wagon, I was close to giving up.

[recovering disk space - old attachment deleted by admin]If you already have ComboFix be sure to delete it and download a new copy.

Download ComboFix© by sUBs from one of the below links. Be sure to save it to the Desktop.

Link #1
Link #2

**Note: It is important that it is saved directly to your Desktop

Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double click combofix.exe & follow the prompts.
Vista users Right-Click on ComboFix.exe and select Run as administrator (you will receive a UAC prompt, please allow it)
When finished ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

If you have problems with ComboFix usage, see How to use ComboFix

Solve : The Virus Alert Virus?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment