Mouse and Keyboard Dead and Malware Detected



#1
Nancy123

Hey all,

My computer got infected with some nasty stuff (using my friend's computer right now). There was this website that was redirecting to a fake PayPal page, one of those .in extensions.

Even though I was able to use the computer I knew it was filled with viruses because of how slow it was and because I was the only one being redirected. My friend went to the same website and did not get redirected.

First I used Malwarebytes to scan the PC and it only detected 2 PUPs, which were harmless. I still removed them just in case. I decided to go deeper and used TDSSKiller; it caught 8 threats. One of them was the sptd, usually related to the Google redirect virus. I don't remember the names of the other 7.
I deleted all of them and I was told to reboot the system. I rebooted, everything booted normally, however, my keyboard and mouse do not work. They are completely frozen and only work before Windows starts, in BIOS.

I realized that the only thing I could use was my DVD/CD, so I used the Avira rescue disk. Unfortunately, I can't copy the log to this PC exactly how it looks, but I copied the most important things and will list them below in a sec.

Avira was able to rename a couple of HTML/IFrame.JA.1 and Trojans such as TR/Dropper.GEN.

But for others it says archive scan aborted. I decided to try the AVG rescue disk next. I ran the scan but could only do it halfway because the light went off... yeah, I know, lucky me.

I will leave the half report below, right after the Avira one. After all of this I'm still in the situation, and my keyboard and mouse (USB) still don't work. I tried using an old non-USB keyboard but no luck.

I'm going to use the Bitdefender rescue disk next. Meanwhile I leave the reports; since I'm not very good at handling these things, I was hoping for assistance.

Thank you.

AVIRA SCAN:

TR/Crypt-XPACK.Gen [archive scan abort]
TR/Dropper.GEN [renamed]
BDS/Gendal-654428 - renamed
BDS/Gendal-683423.2 - renamed
Java/Fester.L - archive scan abort
Java/Exdoer.DH.2 - archive scan abort
JAVA/Exdoer.EX - archive scan abort
SPR/Autolt.Gen - renamed
HTML/IFrame.JA.1 - renamed
HTML/IFrame.JA.1 - renamed
HTML/IFrame.JA.1 - renamed
HTML/IFrame.JA.1 - renamed
HTML/IFrame.JA.1 - renamed
HTML/IFrame.JA.1 - renamed
HTML/IFrame.JA.1 - renamed
HTML/IFrame.JA.1 - renamed
SPR/Hacktool.231936 - archive scan abort
TR/Gendal.kdv.294349 - archive scan abort
TR/Agent.339896 - renamed
TR/Agent.155648.30 - renamed
TR/Gendal 6690843 - renamed
TR/Gendal 6690843 - archive scan abort
BDS/Gendal.662620 - archive scan abort


invalid or corrupt - rarnew.dat
archive type- left 4 dead
end of file - keyword elite uninstallexe
bad compressed data- proxy checker unistallexe
end of file- gamers first uninstall exe
end of file - GrindSoft/Lines/Uninstall
A malformed archive header was detected - Serif/WebPlus Starter Edition/3-0/Data/FillTableconical.zip
end of file - SpeedFan/uninstall.exe
end of file - StumbleUpon/PostInstall.exe
end of file - StumbleUpon/PreUninstall.exe
bad archive header - AppData Plus500


AVG HALF SCAN:

AVG command line Anti-Virus scanner /mnt/sdd1/


PUP Tool.LN
/Program Files/Counter-Strike/platform/Friends/friendsUI.dll Runtime packed nspack
/Program Files/HideMyMac/mxid.dll Runtime packed nspack
/AppData/Local/Microsoft/Windows Defender/Filetracker/{051080FB-A0F8-4A77-B818-580411353E41} Virus Found Hosts
/AppData/Local/Microsoft/Windows Defender/Filetracker/{CED2FB3F-C2D8-474B-A179-2DA772753A80} Virus Found Hosts
Trojan Horse Generic3_c.CLFX
Trojan Horse Backdoor.Generic14.NAX
Trojan Horse Java/Agent.GX
Trojan Horse Java/Agent.FL
Trojan Horse Java/Agent.GX
Trojan Horse Java/Exploit.LJ
Trojan Horse Java/Agent.FB
Trojan Horse Java/Agent.FA
Trojan Horse Java/Exploit.LJ
Trojan Horse Java/Exploit.HS
Trojan Horse Java/Exploit.HP
Trojan Horse Java/Exploit.HS
Trojan Horse Java/Agent.EW
Trojan Horse Java/Agent.EW
/AppData/Local/Roaming/Octoshape/ Corrupeted executable file
/AppData/Local/Roaming/Octoshape/ Corrupeted executable file
PUP Tool.LN
PUP Tool.LN
Trojan Horse Generic3_c.CJNK
Trojan Horse Generic3_c.CJNK
hosts.txt Virus Found Hosts
PUP Tool.LN
PUP Tool.LN

ALL RENAMED SUCCESS ACCORDING TO AVG. (I did not copy all paths since it was too much to type by hand and I was in a hurry)

Edited by Nancy123, 13 December 2011 - 06:23 PM.



#2
Nancy123

Hey everyone, first things first, here is the Bitdefender scan:

BIT DEFENDER SCAN:

4 threats in 25 still present in your system


Backdoor.Generic.654428
joke.NoClose.IS.A
Trojan.Generic.6690843
Trojan.HTML.Iframe.T

--------------------------------------------


I then clicked disinfect on all 4, but only Backdoor.Generic.654428 and Trojan.Generic.6690843 were successful.

I then clicked delete on both joke.NoClose.IS.A and Trojan.HTML.Iframe.T and they were deleted successfully.

All 25 success.

I tried logging in in safe mode. Booted successfully as always, but again, as always, mouse and keyboard do not work inside Windows Vista.

I ran a second Bitdefender scan and it came out clean.

In order to fix the keyboard and mouse issues, I copied the USB drivers from my friend's PC (who also runs Vista) into my PC, but with no luck. Mouse and keyboard still not working inside Windows Vista.

I am, however, able to use mouse and keyboard and internet on my PC using Bitdefender. I was able to get the TDSSKiller logs below.
