Need Help, Unknown Virus is disabling Everything!

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by DentonATM, Sep 29, 2004.

  1. DentonATM

    DentonATM Private E-2

    Hi, an unknown virus (or viruses?) has completely disabled a workstation here at my office. I've tried to download AVG, but keep getting a message saying "AVG cannot run on MS_Dos or Windows based programs." AboutBuster downloaded fine, but when I try to run it, it says "Missing or corrupted files". AdAware can't find it, nor can Spybot Search and Destroy or Avast. Any help will be greatly appreciated. I can also post my HijackThis log if needed. Thank you for your time, John
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please follow all the steps in this Sticky thread
    READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

    NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.
     
  3. DentonATM

    DentonATM Private E-2

    Okay, I ran everything in the tutorial. Trendmicro found nothing, and Symantec Security Check wouldn't run in either safe or normal mode. AboutBuster wouldn't load; I kept getting the error message "corrupted or missing files". Kill2Me found nothing, and Spybot kept finding a DSO exploit. I don't know what else to check or run, and AVG won't install. I run Windows 2000, but for some reason it says AVG doesn't work with Windows based applications and stops loading altogether. The AdAware plugin also won't run and says "Bad Entrypoint".
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Sounds like you have a load of things wrong and it may not be all spyware. You should not be having that many problems installing or running these programs.

    Are you up to date with your Windows Updates?

    See this for About:Buster:
    If you receive an error message about a missing MSCOMCTL.OCX file when you run about:Buster, download the file in the link below and run it. It will give you the necessary file.

    http://www.javacoolsoftware.net/downloads/missingfilesetup.exe
     
  5. DentonATM

    DentonATM Private E-2

    I downloaded the file, but AboutBuster is still giving me the message "Database is either missing or corrupted". I have downloaded all of the current Windows updates. I downloaded EWIDO anti virus, and it picked up 2 Trojans, but there are still huge problems. I have this in my registry: 5S@Q2ZA3CZX#@K
    I try deleting it, but it keeps coming back or popping up as something else. Also, when I try to install AVG, I get an error message: "C:\WINNT\SYSTEM32\AUTOEXEC.NT. The system file is not suitable for running MS-DOS and Microsoft Windows applications."

    I've tried everything that I know to get this computer up and running correctly, short of re-formatting the hard drive.
     
  6. Kodo

    Kodo SNATCHSQUATCH

    If you have another, uncompromised box available, put some GOOD AV software on it and then put the "compromised" hard drive in the uncompromised machine as a secondary drive. Then scan that drive with the AV.
     
  7. DentonATM

    DentonATM Private E-2

    Okay, I think I got it. I removed the drive, installed it on another machine and ran AVG; it detected and healed 26 instances of Downloader.VB.S. I then ran AdAware on it, and re-installed it. I ran PeperFix and VX2 Finder; PeperFix found 45 infections, and got rid of them. Everything seems to be running well now. For some reason, I can't move my shortcuts and icons around by dragging them on the desktop, but other than that, everything seems to run OK.
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Good job! But do you have all of your Windows Updates?
     
  9. DentonATM

    DentonATM Private E-2

    I spoke too soon. AVG still won't install; it keeps giving me a message saying that it won't run on an MS-DOS based or Windows application. My desktop is frozen: I can't drag icons, and can't access my search function or the add/delete program function in either normal or safe mode. I found 26 instances of Win32 virus and WIN95/Bumble, but AVR can't get rid of them. I tried Pest Patrol, but it won't get rid of them. I can't download any Windows updates either. Should I just reformat the disk and wipe it clean? Seems like this computer is more infested than I originally thought.
     
  10. Kodo

    Kodo SNATCHSQUATCH

  11. jamoecw

    jamoecw Private E-2

    Sounds similar to a virus my sister had. It deleted anything that I put on to fight it, on top of most of her documents and programs. Recently it gave her a red screen that said that her computer was infected, and of course it wouldn't let her do anything. She decided to buy a new computer. I know no fix and have yet to hear of anyone else encountering this virus and describing it after it has run its course, and have yet to personally encounter it. Personally, I think that it comes as spyware and then manifests itself as a true virus. Out of curiosity, what anti-spyware programs did you have 2 months ago? I have been using Spybot, SpyGuard, SpyBlaster, and AdAware, with no antivirus.
     
  12. Kodo

    Kodo SNATCHSQUATCH

    NO ANTIVIRUS!!!!! That's just asking for trouble. PLEASE put one on there. Anti-spyware programs are NOT a catch-all for viruses.
     
  13. DentonATM

    DentonATM Private E-2

    I've tried Avast, Panda, AntiVir, Trendmicro online scan, and Ewido. I also tried Symantec Security Check, but couldn't download it. I downloaded Mozilla Firefox because nothing would download with IE, but there are no available plugins for Mozilla to get Trendmicro or Symantec to run. I'm wondering if it would just be better to re-format the hard drive and start over?
     
  14. RCCGRUNT

    RCCGRUNT Private E-2

    Have you tried Stinger.exe? It may help you out.
     
  15. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

  16. DentonATM

    DentonATM Private E-2

    Yes, I did EVERYTHING in the read first post before I ever posted anything. And no, Stinger didn't work. Nothing has. I have no clue as to what to do. I've tried restarting in safe mode and deleting registry entries. I did everything I've been asked to do so far, and everything in the tutorial, but my computer is still overwhelmed by one virus after another.
     
  17. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay, run these:
    http://tools.zerosrealm.com/PeperFix.exe
    http://www.memorywatcher.com/uninst.exe

    Let me know if they find anything.

    Then read this: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

    And post us a HijackThis log as a .txt file attachment.
     
  18. DentonATM

    DentonATM Private E-2

    Ran PeperFix also, but it keeps finding the same things, and even though it deletes them, they come right back. Memory Watcher installs halfway and completely stops. I've attached the HijackThis log.
     

    Attached Files: hjt.txt (1.6 KB)
  19. Kodo

    Kodo SNATCHSQUATCH

    I don't see anything wrong with your log. Are you still having problems?

    If you are, try this app in safe mode.

    http://www.majorgeeks.com/download172.html
    |MG| Free Download - a-squared (a²) Personal Edition 1.1
     
  20. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I see traces of AVPersonal and Avast in your log. And now you're trying to put in AVG?
    You should not have more than one full blown virus protection application on your PC. I would get rid of AV Personal (that's AntiVir, I believe), forget about AVG, and stick with Avast.
     
  21. Kodo

    Kodo SNATCHSQUATCH

    Amen!
     
  22. jamoecw

    jamoecw Private E-2

    The reason why I don't use any anti-virus is because when people come to me with a viral problem I want knowledge from first hand experience, preferably the same virus they have, but for some reason I have yet to encounter a virus. My guess is that the higher a net presence the higher the odds, as well as that intelligent conduct is the best defense from getting one. I have little net presence; this post will be the first time I have made a second reply to a forum, and only the fourth time replying to a forum. Usually I stick to single player games offline. Besides, anti-virus programs and anti-viral actions are in response to new viruses that break through one's defenses. This virus has penetrated my sister's (who used a purchased firewall + Norton + the same anti-spyware I use) and now DentonATM's defense, which will bring forth a new fix for this virus as well as many programs to prevent it. It is those that get viruses in the first place that are our best anti-virus.
     
  23. DentonATM

    DentonATM Private E-2

    I tried AVG first. The system here had no anti virus, and AVG wouldn't load at all. I could download the AVG beta, and it found nothing. I can't access the add/remove programs folder, use the search function, or move anything on my desktop by dragging. I can't uninstall any programs at all, so all of those anti virus programs have to stay until I can find a way to uninstall them.
     
  24. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Get out your Windows 2000 CD and put it in your CD drive. And follow the Resolution given in the below Microsoft link.

    http://support.microsoft.com/default.aspx?scid=kb;en-us;324767

    Hopefully this will resolve your problems with the error message about autoexec.nt and the problems starting and installing/uninstalling programs. Let us know.
     
