Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

School computer infected [RESOLVED]

Started by PoRT55 , Nov 29 2008 01:56 AM

  • This topic is locked This topic is locked

#16
fenzodahl512
Posted 01 December 2008 - 05:44 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Yup.. do this when you sleep or don't use the computer as will take quite a while...


Please download JavaRa to your desktop and unzip it to its own folder. <<MIRROR>>
  • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

Then, please download and install the latest Java from HERE


---------------------------


Please run the Kaspersky Online Scanner

In Microsoft Windows Vista, you must open the Web browser using the Run as Administrator command. From the Desktop right click the icon to open the browser and choose Run as Administrator.


  • Click on SCAN NOW
  • Click Accept.
  • The program will then begin downloading the latest definition files.
  • Once the files have been downloaded locate the Scan Settings and have it scan My Computer.
  • The scan will take a while, so be patient and let it finish.


When the scan is done, in the Scan is complete window, any infection is displayed.
There is no option to clean/disinfect, however, we need to analyze the information on the report.

To obtain the report:
Click on: Save Report As
  • Next, in the Save as prompt, Save in area, select: Desktop.
  • In the File name area use KScan, or something similar.
  • In Save as type: click the drop arrow and select: Text file [*.txt]
  • Then, click: Save
Posted Image

Copy and paste the Kaspersky Online Scanner Report in your next reply.

Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.
  • 0

Advertisements

#17
PoRT55
Posted 02 December 2008 - 04:22 AM

PoRT55

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, December 2, 2008
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit (build 6000)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, December 02, 2008 02:36:19
Records in database: 1430824
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\

Scan statistics:
Files scanned: 159418
Threat name: 7
Infected objects: 9
Suspicious objects: 0
Duration of the scan: 02:57:09


File name / Threat name / Threats count
C:\Qoobox\Quarantine\C\Users\Tim\AppData\Local\Temp\qchpqhvm.dll.vir Infected: Trojan.Win32.Monder.aant 1
C:\Users\Tim\.housecall6.6\Quarantine\asappsrv.dll.bac_a01284 Infected: not-a-virus:AdWare.Win32.CommAd.a 1
C:\Users\Tim\.housecall6.6\Quarantine\ceb3CMU4.exe.bac_a01284 Infected: Trojan-Downloader.Win32.Small.buy 1
C:\Users\Tim\.housecall6.6\Quarantine\command.exe.bac_a01284 Infected: not-a-virus:AdWare.Win32.CommAd.a 1
C:\Users\Tim\.housecall6.6\Quarantine\EXNL47i.exe.bac_a01284 Infected: Trojan-Downloader.Win32.Agent.afzg 1
C:\Users\Tim\.housecall6.6\Quarantine\FES9U13.exe.bac_a01284 Infected: not-a-virus:AdWare.Win32.WebHancer.f 1
C:\Users\Tim\.housecall6.6\Quarantine\FES9U13.exe.bac_a01284 Infected: not-a-virus:AdWare.Win32.WebHancer.390 1
C:\Users\Tim\Documents\Incomplete\Preview-T-5745425-smells like cheese.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Users\Tim\Documents\Incomplete\T-5745425-smells like cheese.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1

The selected area was scanned.
  • 0

#18
fenzodahl512
Posted 02 December 2008 - 06:55 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Go to these folders and delete everything inside them.. Don't delete the folder itself.. Just leave them empty... How is your computer now? :)

C:\Users\Tim\.housecall6.6\Quarantine
C:\Users\Tim\Documents\Incomplete
  • 0

#19
PoRT55
Posted 03 December 2008 - 01:52 AM

PoRT55

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
the computer seems to be working great now. i want to thank you. does your donation accept pay pal? thanks again
  • 0

#20
fenzodahl512
Posted 03 December 2008 - 01:57 AM

fenzodahl512

  • Malware Removal
  • 9,863 posts

the computer seems to be working great now. i want to thank you. does your donation accept pay pal? thanks again


Yup.. There's "Donate" button at my siggy.. click it :)


Looks good to me.. Lets do some cleanup...



Time for some housekeeping
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK
    Please note that the space between combofix and /u is needed

    Posted Image




Please read these excellent articles by miekiemoes :
Help! My computer is slow!
How to prevent Malware

And another excellent article by CastleCops Malware Prevention: Prevent Re-infection

Please reply to this thread once more and tell us about the computer behaviour before we can close this thread :)



Have a safe and happy computing day!


Regards
fenzodahl512
  • 0

#21
PoRT55
Posted 03 December 2008 - 11:23 PM

PoRT55

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
said combofix is uninstalled??
  • 0

#22
fenzodahl512
Posted 04 December 2008 - 03:06 AM

fenzodahl512

  • Malware Removal
  • 9,863 posts

said combofix is uninstalled??



Yup.. That's right.. Any more question? :)
  • 0

#23
fenzodahl512
Posted 05 December 2008 - 11:52 AM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP