Winupd.exe virus seems to have started my problems [Solved]


  • This topic is locked

#46
moordogck

moordogck

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
It's weird because when I download anything using FF it doesn't ask me where I want to save it, it automatically starts downloading once I approve but it doesn't even say in which file.

That day I was able to download FF to my desktop then I moved it to the C drive.
  • 0

#47
moordogck

moordogck

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
So I tried downloading something else from IE so you could see the error, here is the screen print.

Thank you

Attached Thumbnails

  • IEissue.png

  • 0

#48
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
I'll check this error and get back to you soon.
  • 0

#49
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
For Firefox you must select Tools menu and then Options. Click on General tab and select option Always ask me where to save files. Click OK button. Try to download now with Firefox.

  • Go to Start -> My Computer
  • Right click on C: disk and click on Properties
  • Click on tab Tools and click on Check now... button
  • Check Automatically fix system errors and Scan for and attempt recovery of bad sectors
  • Click Start button
  • Confirm schedule disk check next time computer starts with Yes button
  • Restart your system and wait while system checks your disk for errors

After that try to download again something with Internet Explorer.
  • 0

#50
moordogck

moordogck

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Hello maliprog, I followed your instructions and I'm still getting the same error when trying to download using IE.

I have a feeling there are viruses in this computer, I have Comodo antivirus and it did a scan and found several things, I wasn't sure what to do so I canceled until further instructions from you.

Thank you
  • 0

#51
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
OK. I just had a message from a malware expert. You are trying to download files to the c:\program files\ folder. Win7 64bit will not allow that and the message that you are receiving is a completely normal error message. Please try to download files to the Desktop and it should be all OK.

Let me know results.
  • 0

#52
moordogck

moordogck

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Yes, I'm able to download to desktop, thank you for the new info.

Maliprog, what do I do about the stuff that Comodo is finding? If I have Comodo in use, why am I still getting viruses or malware? How can I get rid of them for good? And is Comodo a good antivirus to have? What would you recommend?

thank you!! :)
  • 0

#53
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Does Comodo find anything now? How is your system? Any problems?
  • 0

#54
moordogck

moordogck

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Yes, Comodo is finding stuff, it is also making me crazy with all the pop ups asking me if I want it to delete the stuff it is finding or not. Is Comodo an antivirus you would recommend? Or what should I use? Should I keep running Malware? I have a feeling there's stuff still hiding in my computer. :confused:
  • 0

#55
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
I'm not using Comodo so I can't tell you from my experience. Can you post the last Comodo log of the infections it is finding? I need to see what it found because maybe the infection is back.
  • 0

#56
moordogck

moordogck

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Hi Maliprog, here is what it found today.

thank you!

[email protected]#2gm7tz3k5jjbi C:\Users\Amy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\532f4a01-64f671c8|vload.class

[email protected]#h5yhlgkekuo4 C:\Users\Amy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\532f4a01-64f671c8|vmain.class

[email protected]#2k442h6z33snk C:\Users\Amy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\19ad1f63-27114414|direct/cron.class

[email protected]#2k442h6z33snk C:\Users\Amy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\19ad1f63-51cad4c6|direct/cron.class

[email protected]#3bituiwo7tp1w C:\Users\Amy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\19ad1f63-51cad4c6|direct/portable.class

[email protected]#3bituiwo7tp1w C:\Users\Amy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\19ad1f63-27114414|direct/portable.class

[email protected]#17frrx7w822za C:\Users\Amy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\7aa787bb-20de5ecb|support/IO.class

[email protected]#23mxt19a5okgk C:\Users\Amy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\7aa787bb-20de5ecb|support/SendMail.class

[email protected]#157v8ijlei2oh C:\Users\Amy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\7aa787bb-20de5ecb|support/SmartyPointer.class

[email protected]#392kr8yq1ba8s C:\Users\Amy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\7aa787bb-20de5ecb|support/Socket.class

[email protected]#2sy6k85vdkjhl C:\Users\Amy\Desktop\tdsskiller.zip|TDSSKiller.exe

[email protected]#34240neewh565 C:\Users\Amy\Desktop\ComboFix.exe|UPX|catchme.3XE

[email protected]#34240neewh565 C:\Users\Amy\Desktop\ComboFix.exe|catchme.3XE

[email protected]#25sg2nwp0ywh7 C:\Qoobox\Quarantine\C\ProgramData\~yYHT7FtHFlbus6r.vir

[email protected]#164isq7opvqsx C:\ProgramData\WildTangent\FA9E2D68-8707-44C8-B93D-2FF048183749-extr.exe|Diner Dash-WT.exe
  • 0

#57
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
OK. These are just temp files and leftovers. This should take care of them. In future just remove any findings from Comodo and you should be fine.

Step 1

NOTE: This fix is custom made for this system only and for current system state! Don't try to run it on another system!

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Commands
    [purity]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

  • 0
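One way to sort a detection list like the one in post #56 by where each flagged file lives on disk, which is how post #57 reads it (temp files and leftovers). This is an added example, not something posted by either participant; the category names and path rules are assumptions, and the sample lines are a subset of that log.

```python
import re
from collections import defaultdict

# Lines copied from the Comodo log in post #56. The detection-name field is
# unreadable in this copy of the thread ("[email protected]") and is kept as-is.
SAMPLE_LOG = r"""
[email protected]#2gm7tz3k5jjbi C:\Users\Amy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\532f4a01-64f671c8|vload.class
[email protected]#23mxt19a5okgk C:\Users\Amy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\7aa787bb-20de5ecb|support/SendMail.class
[email protected]#2sy6k85vdkjhl C:\Users\Amy\Desktop\tdsskiller.zip|TDSSKiller.exe
[email protected]#34240neewh565 C:\Users\Amy\Desktop\ComboFix.exe|UPX|catchme.3XE
[email protected]#25sg2nwp0ywh7 C:\Qoobox\Quarantine\C\ProgramData\~yYHT7FtHFlbus6r.vir
[email protected]#164isq7opvqsx C:\ProgramData\WildTangent\FA9E2D68-8707-44C8-B93D-2FF048183749-extr.exe|Diner Dash-WT.exe
"""

# Assumed triage rules (this example's, not Comodo's): first matching pattern wins.
RULES = [
    ("java_cache", re.compile(r"\\Sun\\Java\\Deployment\\cache\\", re.I)),
    ("quarantine", re.compile(r"^[A-Z]:\\Qoobox\\Quarantine\\", re.I)),
    ("cleanup_tool", re.compile(r"\\Desktop\\(combofix\.exe|tdsskiller\.zip)$", re.I)),
]

# <detection name>#<signature id> <path>[|<member inside archive or packed file>...]
LINE = re.compile(r"^(?P<name>.+?)#(?P<sig>\w+)\s+(?P<target>[A-Za-z]:\\.+)$")

def parse_line(line):
    """Split one log line into signature id, container file and inner members."""
    m = LINE.match(line.strip())
    if not m:
        return None
    container, *members = m.group("target").split("|")
    return {"sig": m.group("sig"), "container": container, "members": members}

def triage(log_text):
    """Group detections by the location of the flagged container file."""
    groups = defaultdict(list)
    for raw in log_text.splitlines():
        entry = parse_line(raw)
        if entry is None:
            continue  # blank or unrecognised line
        category = next((name for name, rx in RULES if rx.search(entry["container"])), "review")
        groups[category].append(entry)
    return dict(groups)

if __name__ == "__main__":
    for category, entries in triage(SAMPLE_LOG).items():
        print(category, len(entries))
        for e in entries:
            print("   ", e["container"], "->", "/".join(e["members"]) or "(file itself)")
```

Anything that lands in "review" matches none of the three known locations and needs a closer look before it is deleted.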

#58
moordogck

moordogck

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Hi Maliprog, thanks for not closing this thread after 3 days, I was away for a few days, I will do as you say and post log.

Thank you!
  • 0

#59
moordogck

moordogck

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Hi maliprog, hope you are having a great day, here is the log from OTL.

thank you

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Amy
->Temp folder emptied: 98824083 bytes
->Temporary Internet Files folder emptied: 922219873 bytes
->Java cache emptied: 12199083 bytes
->FireFox cache emptied: 324162153 bytes
->Google Chrome cache emptied: 8381562 bytes
->Flash cache emptied: 34083 bytes

User: AppData
->Temp folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 22004608 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 157865 bytes
RecycleBin emptied: 250520930 bytes

Total Files Cleaned = 1,563.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 02242012_075741

Files\Folders moved on Reboot...
C:\Users\Amy\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
  • 0

#60
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi moordogck,

Yes I actually do :). How is your system now? If you don't have any problems, let's clean the system of the programs we used.

Step 1

Please start OTL one more time and click CleanUp button. OTL will restart your system at the end. Remove all other applications we used to clean your PC.

General recommendations

Here are some recommendations you should follow to minimize infection risk in the future:

1. Enable Windows Update
  • Click Start, click Run, type sysdm.cpl, and then press ENTER.
  • Click the Automatic Updates tab, and then click to select one of the following options. We recommend that you select the Automatic (recommended) Automatically download recommended updates for my computer and install them option.
  • Click OK button

2. Delete Temp files

Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once it's finished it should reboot your machine; if not, do this yourself to ensure a complete clean
  
3. Make Backups of Important Files

Please read this article Home Computer Data Backup.


4. Regularly update your software

To eliminate design flaws and security vulnerabilities, all software needs to be updated to the latest version or the vendor’s patch installed.

You should download Update Checker from here. The program will automatically check for newer versions of software installed on your system.
  • 0





