HELP please- I think my computer has been hyjacked:(:(

Discussion in 'Malware Help (A Specialist Will Reply)' started by tiffany311, Dec 9, 2006.

  1. tiffany311

    tiffany311 Private E-2

    I have done everything in the Read me first before posting.............

    Just a quick question, I have done a AVG SCAN tonight and I looked in the Virus Vault, and low and behold I got some ugly viruses in there, is there anything for me to worry about with them sitting in there or do I have to get rid of them?
    Please some one help;):confused:
     
    tiffany311, Dec 9, 2006
    #1
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Re: I have done everything in the Read me first before posting.............

    Hi

    Yes delete whats in your virus, vault.. but do make a note of their names and post them as they may hold clues to other infections that latch onto each other.

    Then please do attach all the logs as mentioned in the guide, so the malware guys can get to work, helping you remove them.
     
    DavidGP, Dec 9, 2006
    #2
  3. tiffany311

    tiffany311 Private E-2

    Re: I have done everything in the Read me first before posting.............

    I was trying to figure out how to delete what is in my virus vault can you instruct me please:)
     
    tiffany311, Dec 9, 2006
    #3
  4. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Re: I have done everything in the Read me first before posting.............

    To clear the AVG Virus vault do the below.

    Open the AVG Control Center program -> right click on "AVG Virus Vault" tab -> choose "Empty vault".
     
    DavidGP, Dec 10, 2006
    #4
  5. tiffany311

    tiffany311 Private E-2

    Re: I have done everything in the Read me first before posting.............

    oh great I had typed out the viruses that I just deleted and It did not post:(
    now what do I do?
    I await further instructions
     
    tiffany311, Dec 10, 2006
    #5
  6. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Re: I have done everything in the Read me first before posting.............

    Dont worry on the virii that AVG found just continue with the guide and attach all the requested logs as without those logs, we cannot work out what you have and how to assist you in fixing it :)
     
    DavidGP, Dec 10, 2006
    #6
  7. tiffany311

    tiffany311 Private E-2

    I did panda scan today and it said that I my computer is infected:(
    it did not completely finish the scan it just froze, this is what my computer has been doing these past couple days, since I installed limewire and bitorrent and I uninstalled both of them but I have been having difficulties with my computer freezing all the time, please tell me what I can do:(
    Thank you:confused:
     
    tiffany311, Dec 16, 2006
    #7
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I merged your threads together! You need to complete as much of the below as possible. If you are having problems with Panda or Bitdefender in safe mode, try them in normal boot mode. If that still does not work, just skip them but complete all other steps and attach the requested logs.

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Downloading, Installing, and Running HijackThis

    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.


    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy
      • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
    chaslang, Dec 16, 2006
    #8
  9. tiffany311

    tiffany311 Private E-2

    Now I feel like a real computer moron:(
    I can't figure how to post all these logs for you can you please guide me, thanks again.
     
    tiffany311, Dec 16, 2006
    #9
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    chaslang, Dec 17, 2006
    #10
  11. tiffany311

    tiffany311 Private E-2

    I do know how to do that part, it is just that I don't know how to make a log for AVG and the others:(
    Sorry
     
    tiffany311, Dec 17, 2006
    #11
  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I assume you mean AVG Anti-Spyware and that you are running it instead of CounterSpy??? See this: Running AVG Anti-Spyware Which is also given in the READ & RUN ME right next to the download link for AVG Antispyware and it is also given again in the step 5 procedure for running AVG Antispyware.

    All the other scans (GetRunKey, ShowNew, BitDefender, PandaActive, and HijackThis) explain how to get logs in the READ & RUN ME or in the links given that you need to click on.
     
    Last edited: Dec 17, 2006
    chaslang, Dec 17, 2006
    #12
  13. tiffany311

    tiffany311 Private E-2

    I forgot to tell you that I am running windows 98 SE
    I have avg on my system the free one. but I don't see anywhere where it says reports on the top??
     
    tiffany311, Dec 17, 2006
    #13
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Are you referring to AVG Antivirus? We did not ask for a log from it. We only ask for a log from AVG Anti-Spyware which is not the same thing.
     
    chaslang, Dec 17, 2006
    #14
  15. tiffany311

    tiffany311 Private E-2

    It says that, sorry AVG Antispyware 7.5 needs windows 2000 and above to be installed:(
     
    tiffany311, Dec 20, 2006
    #15
  16. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    So run CounterSpy as the READ ME requests first.
     
    chaslang, Dec 20, 2006
    #16
  17. tiffany311

    tiffany311 Private E-2

    I would run counter spy but can't because I have used up the as I used it for about a month and now I cannot use it anymore:-B frustrating
     
    tiffany311, Dec 21, 2006
    #17
  18. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    See if you can run this Microworld Anti Virus & Spyware Toolkit Utility 8.8.1 If you can, make sure you save an attach the log. This free demo is not a cleaning/fixing tool. It will only report to us what it finds, but since you could not run CounterSpy, AVG, or Panda, we are going to need more info.

    What malware problems are you actually having?
     
    chaslang, Dec 21, 2006
    #18
  19. tiffany311

    tiffany311 Private E-2

    the types of problems I am having is that my computer is contiunously crashing, I have porno sites popping up on my screen without me even opening such disgusting sites? This is really weird.
     
    tiffany311, Dec 22, 2006
    #19
  20. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you don't attach any logs, I cannot do anything for you other than tell you to run more scans and just hope that they work. So please attach the requested logs otherwise there is nothing I can do for you.
     
    chaslang, Dec 22, 2006
    #20
  21. tiffany311

    tiffany311 Private E-2

    I am getting frustrated here
    I have tried to post the log from the requested MicroWorld Anti Virus, and it says that it is too big to post when I try to upload it, frustration, frustration what do I do??:(
     
    tiffany311, Dec 22, 2006
    #21
  22. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Either compress it into a ZIP file and upload it or split the file into smaller pieces using your editor.

    If the log is that big, you must not have done some of the preliminary cleaning steps (like cleaning cookies on all user accounts and emptying quarantines, etc). Either that or you have alot of files infected.

    What about all the other logs from the READ ME?
     
    chaslang, Dec 22, 2006
    #22
  23. tiffany311

    tiffany311 Private E-2

    Here is some of the log other parts of the log will follow
    Thu Dec 21 23:02:18 2006 => **********************************************************
    Thu Dec 21 23:02:18 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility.
    Thu Dec 21 23:02:18 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc.
    Thu Dec 21 23:02:18 2006 => **********************************************************
    Thu Dec 21 23:02:18 2006 => Source: C:\WINDOWS\DESKTOP\MWAV.EXE
    Thu Dec 21 23:02:18 2006 => Version 8.8.1 (C:\WINDOWS\TEMP\MEXE.COM)
    Thu Dec 21 23:02:18 2006 => Log File: C:\WINDOWS\TEMP\MWAV.LOG
    Thu Dec 21 23:02:18 2006 => MWAV Registered: FALSE.
    Thu Dec 21 23:02:18 2006 => OS Type: Windows Workstation
    Thu Dec 21 23:02:18 2006 => OS: Windows 98
    Thu Dec 21 23:02:18 2006 => Ver: Version 4.10 A (Build 2222)
    Thu Dec 21 23:02:18 2006 => Windows Root Folder: C:\WINDOWS
    Thu Dec 21 23:02:19 2006 => Windows Sys32 Folder: C:\WINDOWS\SYSTEM
    Thu Dec 21 23:02:19 2006 => Local Fixed Drives: c:\
    Thu Dec 21 23:02:19 2006 => MWAV Mode: Only Scan files.
    Thu Dec 21 23:02:19 2006 => Latest Date of files inside MWAV: 20 Dec 2006 06:15:4.
    Thu Dec 21 23:02:33 2006 => AV Library Loaded...
    Thu Dec 21 23:02:33 2006 => MWAV doing self scanning...
    Thu Dec 21 23:02:33 2006 => Scanning File C:\WINDOWS\TEMP\Getvlist.exe
    Thu Dec 21 23:02:34 2006 => Scanning File C:\WINDOWS\TEMP\main.avi
    Thu Dec 21 23:02:34 2006 => Scanning File C:\WINDOWS\TEMP\virus.avi
    Thu Dec 21 23:02:34 2006 => Scanning File C:\WINDOWS\TEMP\kavss.exe
    Thu Dec 21 23:02:34 2006 => Scanning File C:\WINDOWS\TEMP\kavss.dll
    Thu Dec 21 23:02:34 2006 => Scanning File C:\WINDOWS\TEMP\kavssdi.dll
    Thu Dec 21 23:02:34 2006 => Scanning File C:\WINDOWS\TEMP\kavssi.dll
    Thu Dec 21 23:02:35 2006 => Scanning File C:\WINDOWS\TEMP\kavvlg.dll
    Thu Dec 21 23:02:35 2006 => Scanning File C:\WINDOWS\TEMP\msvlclnt.dll
    Thu Dec 21 23:02:35 2006 => Scanning File C:\WINDOWS\TEMP\ipc.dll
    Thu Dec 21 23:02:35 2006 => MWAV files are clean.
     
    tiffany311, Dec 22, 2006
    #23
  24. tiffany311

    tiffany311 Private E-2

    Fri Dec 22 00:26:28 2006 => ***** Checking for specific ITW Viruses *****
    Fri Dec 22 00:26:28 2006 => Checking for Welchia Virus...
    Fri Dec 22 00:26:28 2006 => Checking for LovGate Virus...
    Fri Dec 22 00:26:28 2006 => Checking for CodeRed Virus...
    Fri Dec 22 00:26:29 2006 => Checking for OpaServ Virus...
    Fri Dec 22 00:26:29 2006 => Checking for Sobig.e Virus...
    Fri Dec 22 00:26:29 2006 => Checking for Winupie Virus...
    Fri Dec 22 00:26:29 2006 => Checking for Swen Virus...
    Fri Dec 22 00:26:29 2006 => Checking for JS.Fortnight Virus...
    Fri Dec 22 00:26:29 2006 => Checking for Novarg Virus...
    Fri Dec 22 00:26:29 2006 => Checking for Pagabot Virus...
    Fri Dec 22 00:26:29 2006 => Checking for Parite.b Virus...
    Fri Dec 22 00:26:29 2006 => Checking for Parite.a Virus...
    Fri Dec 22 00:26:29 2006 => Checking for Adware.SeekSeek Virus...

    Fri Dec 22 00:26:29 2006 => ***** Scanning complete. *****

    Fri Dec 22 00:26:29 2006 => Total Objects Scanned: 26767
    Fri Dec 22 00:26:29 2006 => Total Critical Objects: 10
    Fri Dec 22 00:26:29 2006 => Total Disinfected Objects: 0
    Fri Dec 22 00:26:29 2006 => Total Objects Renamed: 0
    Fri Dec 22 00:26:29 2006 => Total Deleted Objects: 0
    Fri Dec 22 00:26:29 2006 => Total Errors: 42
    Fri Dec 22 00:26:29 2006 => Time Elapsed: 00:15:00
    Fri Dec 22 00:26:29 2006 => Virus Database Date: 12/20/06
    Fri Dec 22 00:26:29 2006 => Virus Database Count: 252201

    Fri Dec 22 00:26:29 2006 => Scan Completed.
     
    Last edited by a moderator: Dec 22, 2006
    tiffany311, Dec 22, 2006
    #24
  25. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    NO LOGS ARE TO BE POSTED INLINE!!!!!! This has been stated many times! You had MWAV show every single file being scan which is why the log is so large.

    Please attach the other logs requested. DO NOT POST THEM INLINE!!!!!
    • Bitdefender - from step 6
    • Panda Scan - from step 6
    • runkeys.txt - the log from GetRunKey.bat
    • newfiles.txt - the log from ShowNew.bat
    • HijackThis
     
    chaslang, Dec 22, 2006
    #25
  26. tiffany311

    tiffany311 Private E-2

    ok I am so frustrated I don't understand all this computer talk what ever in line means I am clueless:(:(:(::(:(
    please be patient I am just learning as I am a beginner here:(
     
    tiffany311, Dec 22, 2006
    #26
  27. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    In about 10 spots in the READ & RUN ME it explain "inline" to you and even gives a link on how to make attachments to messages. In fact the fourth and fifth sentences in large print at the top of the READ ME say.
    See This: HOW TO: Attach Items To Your Post which is also mentioned in the READ ME multiple times.
     
    chaslang, Dec 22, 2006
    #27
  28. tiffany311

    tiffany311 Private E-2

    I am truely sorry, and in a bit of a pickle so please bare with me and do have patience, my patience has run out and I see that yours has too, but don't take it out on me like I told you I am a beginner and ask one thing of you please help me.
     

    Attached Files:

    tiffany311, Dec 22, 2006
    #28
  29. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That's one log! Now attach the rest:

    Panda Scan - from step 6
    runkeys.txt - the log from GetRunKey.bat
    newfiles.txt - the log from ShowNew.bat
    HijackThis
     
    chaslang, Dec 22, 2006
    #29
  30. tiffany311

    tiffany311 Private E-2

    sorry accidently did one wrong:(
    Thanks for taking time to help me:)Panda scan would not scan so I am going to move on to the other scans for you
     

    Attached Files:

    tiffany311, Dec 22, 2006
    #30
  31. tiffany311

    tiffany311 Private E-2

    I did all the requested logs for you something happened to the show new log what I don't know but I posted it and I don't see it here:(
    I wait to here back from you for further instructions:)
     

    Attached Files:

    tiffany311, Dec 22, 2006
    #31
  32. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Attach it again. The file is named C:\newfiles.txt

    It does not look like you are extracting all of the files from the GetRunKey.zip file. Either that or you are not running GetRunKey.bat from a Windows Explorer session. I think it is the later. It seems that you are running the GetRunKey.bat file from inside of the ZIP file. You must not do this because neither GetRunKey or ShowNew will run properly if you do.

    Your logs are not showing any signs of malware anyway so I'm not sure any of this really matters. So at this point I will have to explicitly ask, "What malware problems are you having"?
     
    Last edited: Dec 23, 2006
    chaslang, Dec 23, 2006
    #32
  33. tiffany311

    tiffany311 Private E-2

    as stated earlier I said my computer was crashing and freezing too much:(
     
    tiffany311, Dec 23, 2006
    #33
  34. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That does not mean it is malware and based on what I have seen in your logs, I don't see any malware. I would suggest you write any error messages you get when it crashes (make sure you get the exact message) and post a message in the Software Forum about your problems. Make sure you also tell them that you have Windows 98 and also tell them you already checked for malware in the Malware Forum.
     
    chaslang, Dec 24, 2006
    #34

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds