
am i infected with malware



Over the past few weeks my wireless connection will not work properly; it keeps disconnecting. I keep trying to reconnect, but it is trial and error: sometimes it will connect, but it goes off again intermittently. Sometimes my hub does not show at all in the available wireless connections.

Also, today I found that my Hotmail sent to all my contacts, using my name, an email with a link to an online drugs store. Any help appreciated, thanks in advance.


PS: I was also unable to install this service pack; maybe it has a connection with my above post.

Windows 7 Service Pack 1 (KB976932)

Installation date: 06/05/2011 18:08

Installation status: Failed

Error details: Code 80070020

Update type: Important

Windows 7 Service Pack 1 is a recommended collection of updates and improvements to Windows that are combined into a single installable update. The service pack can help make your computer safer and more reliable. A typical installation will take about 30 minutes to complete, and you will have to restart your computer about halfway through the process.

More information:

http://go.microsoft.com/fwlink/?LinkId=206783

Help and Support:

http://go.microsoft.com/fwlink/?LinkId=206784


The installed version of Adobe Reader on this computer is out-dated. Install the latest version of Adobe Reader available from Adobe.

-----------------------------------------------------------

Using Add or Remove Programs in the Control Panel, uninstall the following:

Adobe Reader 9.4.4

Java 6 Update 20

Java 6 Update 22

-----------------------------------------------------------

Run OTL.exe

  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
    :OTL
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O33 - MountPoints2\{e865cf2d-766a-11e0-af6d-001a8044511b}\Shell - "" = AutoRun
    O33 - MountPoints2\{e865cf2d-766a-11e0-af6d-001a8044511b}\Shell\AutoRun\command - "" = D:\AutoInstall.exe
    O33 - MountPoints2\{e865cf3d-766a-11e0-af6d-001a8044511b}\Shell - "" = AutoRun
    O33 - MountPoints2\{e865cf3d-766a-11e0-af6d-001a8044511b}\Shell\AutoRun\command - "" = D:\AutoInstall.exe 
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C31F31E6
    
    :Commands
    [Purity]
    [EmptyTemp]
    [EmptyFlash]
    [ResetHosts]
    [start Explorer]
    [Reboot]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Attach the new log produced by OTL

Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!


Thanks ShadowPuterDude.

Just a question regarding "attach the new log produced by OTL": where am I attaching this? Do you mean attach it here and post so you can read it?


I have just finished uninstalling the out-of-date Adobe and Java, I have run the OTL fix, and have now been able to install Update for Windows 7 (KB2533552)

Installation date: 12/05/2011 23:03

Success on 1st download and install. :thumbs:

Will the fix you have given me solve my wireless connection problem and the email problem too? It's too soon after the fix for me to know yet; I will let you know.

Assuming I'm to attach the new OTL log produced after the fix, I have attached it here for you to see. Thanks again, ShadowPuterDude.

imagine.


The fix may or may not fix those issues. I want to use a different tool that is a bit more complex than OTL.

Download ComboFix from one of these locations:

Save as Combo-Fix.exe during the download. ComboFix must be renamed before you download to your Desktop

Link 1

Link 2

* IMPORTANT !!! Save Combo-Fix to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
    See HERE for help
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

[Image: RcAuto1.gif]

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

[Image: whatnext.png]

Click on Yes, to continue scanning for malware.

When finished, ComboFix will produce a log.

Note:

1. Do not mouseclick ComboFix's window while it's running. That may cause it to stall!

2. Remember to re-enable your anti-virus and anti-spyware before reconnecting to the Internet.

-----------------------------------------------------------

Attach logs for:

  • ComboFix (C:\combofix.txt)

Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!


Scan logs attached.

I disabled antivirus for the scan and was still connected to the internet, with the firewall on, which kept prompting to allow different programs to access the internet. Should I have disconnected the firewall? However, the scan ran with no problems.


PS: my wireless connection is still a problem. Loading web pages, some have been slow to load; perhaps this is because related cookies may have been deleted. Otherwise, so far things seem to be running OK. :thumbs:


Most routers come with a reset button on them. They are small, normally red, and on the back or bottom of the router. Push and hold the button for a few seconds and then reconnect and reconfigure the router.

Unless you are having problems from Malware it is time to do the final steps.

Now to remove most of the tools that we have used in fixing your machine:

  • Make sure you have an Internet Connection.
  • Download OTC to your desktop and run it
  • A list of tool components used in the cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC from reaching the Internet, please allow the application to do so.
  • Click Yes to begin the cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the cleanup process. If you are asked to reboot the machine choose Yes.

Delete everything in C:\!KillBox (If I didn't have you use KillBox, then this won't be present)

Delete the following from your Desktop (If they exist)

CFscript.txt

FixMe.reg

FixReg.reg

Anything else I had you use

Delete the following files: (If they exist)

C:\ComboFix.txt

Delete the following folders: (If they exist)

C:\ComboFix

C:\Qoobox

Empty the Recycle Bin

Run CCleaner

Turn off System restore to flush all your restore points then turn system restore back on. See How To Enable and Disable System Restore.

You can delete and uninstall any programs I had you download, that you do not wish to keep on the system.

Run Windows Update and update your Windows Operating System.

Run the Secunia Online Software Inspector, this will inspect your system for software that is out-of-date and in need of updating. Update any program/application detected as being out-dated.

Articles to read:

How to Protect Your Computer From Malware

How to keep you and your Windows PC happy

Web, email, chat, password and kids safety

10 Sources of Malware Infections

That should take care of everything.

Safe Surfing!


All done, except for the Windows 7 service pack: it downloads but won't install, error_sharing_violation(0x80070020). Tried the Windows troubleshooter and the System Update Readiness Tool, and tried with security programs off.

I have still to run the Secunia Online Software Inspector.


Secunia Online Software Inspector has found this version of Adobe:

"This installation of Adobe Flash Player 10.x is insecure and potentially exposes your system to security threats!

The detected version installed on your system is 10.2.152.32 (ActiveX)."

I have downloaded the updated version and run Secunia 3 or 4 times, but it still finds this version. I have looked for it but can't find it, though the new updated version is there (10.3.181.14 (ActiveX)).

The router I have previously unplugged and reset (button on back of router), but it didn't fix my wireless drop-out.

Going now to check out the link you gave me. Thanks.


After clearing all my restore points I made a new one just before I tried installing the Windows Update service pack, and before running Secunia. Is it possible that Adobe Flash Player 10.2.152.32 (ActiveX), the out-of-date version, is in that saved restore point?


Found the Flash and deleted it.

I've been to this link you gave me, http://support.microsoft.com/kb/883825, and tried all the recommended methods to get that Windows update, except one, which was method 3, perform a clean boot, which is recommended for advanced computer users. I wasn't sure if I'm advanced enough to do this OK; maybe after the tasks you already gave me, maybe I am. What do you think?


I have run into more trouble while still trying to download the service pack.

I am now getting messages from Microsoft that my Windows is not genuine. I've been trying to email Microsoft from their support page, and trying to send them my product key, but it won't send. On their pages it says it might be malware that has deleted or altered files needed to verify my Windows.

My Windows 7 Home Premium is, I know, genuine; I bought it pre-release before it went on sale and had no problems until now.

Any help appreciated.


Just thought to add more information to my last message.

My PC firewall had kept repeatedly telling me that a change had been made in the registry, and would revert to the previous setting. I was clicking allow and save, but it was still asking every time I logged on.

So because of this I decided to download a new PC Tools firewall, then deleted the old one, turned off antivirus and then tried to install the service pack again. It failed at 15% in configuration. After this my desktop showed that my Windows was not genuine. After that I tried to resolve this at the Microsoft website, but they did not recognise my product key. Scratching my head now at this stage.

I decided to revert back with System Restore to the one I saved just after completing all the scans etc. given to me here.

Results of this now are: I'm not getting the "not genuine Windows 7 product" now.

I then wondered if the restore had put my 1st firewall back, so I decided to repeat getting a new firewall. Problem: I tried to uninstall the firewall, but got an error message: cannot delete, corrupt files.

I think there must still be something in my computer corrupting files, which caused my Windows 7 to show as not genuine, and interfering with firewall settings.

Asking for your help: what do I do now?


OK, well, thanks. Clean install, that's what I'm afraid of: my CD/DVD reader won't work, so I can't load Windows back on. But I have a couple of questions, if you don't mind.

1/ If I copy my Windows using someone else's computer and copy it onto a USB stick, and from there onto my laptop via USB, will that work?

Would you know how many GB USB stick I would need?

2/ Before a clean install, would it be safe to save photos/documents to USB to reinstall later or onto a different PC, or is that a risk of transferring the problem?

> 1/ If I copy my Windows using someone else's computer and copy it onto a USB stick, and from there onto my laptop via USB, will that work?
>
> Would you know how many GB USB stick I would need?

In short, no.

> 2/ Before a clean install, would it be safe to save photos/documents to USB to reinstall later or onto a different PC, or is that a risk of transferring the problem?

Yes, it would be safe to save your photos & documents to a USB.

This topic is now closed to further replies.