Virus-Need help

Darn Malware

By on January 14, 2009 9:54:32 PM from WinCustomize Forums WinCustomize Forums

WeatherBound

Join Date 10/2005
+71

I have vista and was running One-Care Anti virus and firewall.  Some how a virus came into my system.

I have uninstalled One-Care and installed Avast Antivirus software that has a boot scan. I did the boot scan and it found 5 viruses on my system. Avast took care of those. I installed Comodo firewall just because i think it better to have a firewall installed.

I then Installed MalwareByts Anti malware soft-wear and it found one attack. And deleted it.

 

So far all sounds good but

I am still receiving messages in my Email saying that my email i sent did not go thrue and gives me the email addresses where it was supposed to go. I do not Email very much and all these addresses where not sent by me.

I will also add that i did try Ad-Aware, Spy-blaster and Avg and others and all say everything is Good.

I am still getting theses could not be delivered emails that i did not send. when i look at the date the error message says the recent date of today.....

Has any one run in to this? If so how long does it take for those could not be delivered emails to get out of the Email system?

I will tell you it has been since Friday since all scans have been showing up with no viruses.

If you have had this virus. Let me know what you did to get rid of it.

Any help would be appreciated

Thanks

103 Replies
Search this post
Subscription Options


Reason for Karma (Optional)
Successfully updated karma reason!
January 14, 2009 10:00:20 PM from Sins of a Solar Empire Forums Sins of a Solar Empire Forums

no idea, my advice (having dealt with a particularly nasty virus myself that infected three computers at my house) is to first make sure you have a pre-virus system backup and then completely wipe your machine, its the only way to really get rid of one. and try Kapersky or Webroot Spysweeper, both are excellent programs.

 

EDIT: also, if that sucker gets your mac address, theres nothing it can't do

Reason for Karma (Optional)
Successfully updated karma reason!
January 14, 2009 10:02:58 PM from WinCustomize Forums WinCustomize Forums

You've got some kind of worm attaching itself to emails it sounds like, if nobody here can help, there's a prog called HJT [Hiijack This] and these guys can help! --> here

Reason for Karma (Optional)
Successfully updated karma reason!
January 14, 2009 10:16:32 PM from WinCustomize Forums WinCustomize Forums

Good call TG! As long as he knows what to do with the results.

Reason for Karma (Optional)
Successfully updated karma reason!
Sign Up or Login and this ad disappears!
There are many great features available to you once you register. Sign Up for a free account and browse the forums without ads.
January 14, 2009 10:19:25 PM from WinCustomize Forums WinCustomize Forums

Yep, he has to download it first [HJT], then basically post his problem, and do exactly what they say, they are masters at getting rid of the more 'stubborn' problems

Reason for Karma (Optional)
Successfully updated karma reason!
January 14, 2009 11:41:12 PM from Stardock Forums Stardock Forums

Yuppers... its a worm. Try googling the name of the Re: mail and then find and run the worm removal tool. I know symantec lets you dl these tools for free.

Reason for Karma (Optional)
Successfully updated karma reason!
January 14, 2009 11:47:31 PM from WinCustomize Forums WinCustomize Forums

As per the first guys advice............Even if you think you have solved the problem via a scan or whatever will you ever be happy that the virus is still not lurking there?..........Clean and reinstall is the safest route

Reason for Karma (Optional)
Successfully updated karma reason!
January 14, 2009 11:54:40 PM from WinCustomize Forums WinCustomize Forums

DON'T do any backups to any external device. This is a Trojan/Worm. Hopefully TG's suggestion as to what to do and where to go will work. If they don't you'll have to do a low level format and reinstall everything.

That's lotsa fun. Believe me.

 

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 12:21:26 AM from WinCustomize Forums WinCustomize Forums

Damn, Doc. You are getting close to Zubaz in the KP area!! 

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 12:31:27 AM from WinCustomize Forums WinCustomize Forums

Hey Don, I sent you some help, your email sent it back to me. Approve me dude, but don't email me...lol. 

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 12:34:12 AM from WinCustomize Forums WinCustomize Forums

That's lotsa fun. Believe me.

It's really ain't that bad Doc. I do it a few times a year, just for that new PC feel. The speed and freshness of a brand new rig come back after a format and reinstall. I do it at least twice a year. If you keep backups, it really ain't so bad. 

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 12:36:10 AM from WinCustomize Forums WinCustomize Forums

This reminds of the 'Happy 98' email virus, or was it 99 it wasn't that bad, just an attachment that was sent out with every email, of an exe, which.. I clicked on, being new to the net at the time, and it was a really nice animation of fireworks, I thought it was great.. then everybody kept emailing me telling me to quit sending them stuff that was an easy removal.. one of the worst, was istbar..[not email related] that's when I met the HJT guys.. and after a few hours of doing the most INSANE stuff [whatever they asked] my system was clean

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 1:38:07 AM from WinCustomize Forums WinCustomize Forums

To late. I all ready emailed you. lol

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 1:43:46 AM from WinCustomize Forums WinCustomize Forums

Quoting WeatherBound,
To late. I all ready emailed you. lol
 just don't read it Jim

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 1:47:13 AM from WinCustomize Forums WinCustomize Forums

Thanks for all the suport you all are giving me.

Yrag has sent me a scan to do. He has helped me many time so i do his first. Boy i hope it works.

You've got some kind of worm attaching itself to emails it sounds like, if nobody here can help, there's a prog called HJT [Hiijack This] and these guys can help! --> here

This will be my second test

 

is to first make sure you have a pre-virus system backup and then completely wipe your machine

Been thinking of this many times over. If all others fail. I will need to do the crash

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 1:50:04 AM from WinCustomize Forums WinCustomize Forums

I will keep you all posted when test is done.

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 1:53:38 AM from WinCustomize Forums WinCustomize Forums

Good luck mate

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 2:52:53 AM from Sins of a Solar Empire Forums Sins of a Solar Empire Forums

If you don't want to format your computer.

I would take the following steps.

- Download and Install/Update and run a complete scan with NOD32 Anti-Virus (www.eset.com) NOT FREE they do have V4, which is beta.

- Download and Install/Update Malwarebytes' Anti-Malware

- Download and Install and then run a complete scan SUPERAntiSpyware Free Edition.

if you know the file that is being attached to your email. You can submit it to www.virustotal.com. VirusTotal has 30+ some anti-virus software that scan the file to determine if its some kind of malware. You might be able to find a remover on-line.

P.S. Avast is a great Anti-Virus Product although, from my understanding there are kind of slow with new virus.

P.S.S The best way to make sure your computer is FREE of malware is to completely format your computer.

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 9:57:52 AM from WinCustomize Forums WinCustomize Forums

Ok. Yrag test came up empty.  Thanks Yrag for the help. I will keep it for the future to use.

Next Hijack This.

I will also add that my incomming email has slowed down with the system mail delivery. Maybe  my computer is safe and it just take a while for all the mail errors to go thrue with mail system.

 

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 11:13:08 AM from WinCustomize Forums WinCustomize Forums

- Download and Install/Update Malwarebytes' Anti-Malware

I agree, but Spybot S&D is the way to go as for the other.

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 12:22:25 PM from Sins of a Solar Empire Forums Sins of a Solar Empire Forums

Yeah, I should have also included SpyBot S&D. If one of them miss the others hopefully get it.

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 12:25:57 PM from Demigod Forums Demigod Forums

You could try downloading hijack this and looking for suspicious crap and booting in safe mode to delete them.

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

http://www.computerhope.com/delhlp.htm

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 3:31:04 PM from WinCustomize Forums WinCustomize Forums

 

but Spybot S&D is the way to go as for the other.

Found Nothing

You could try downloading hijack this and looking for suspicious crap

Ran the scan and seems way over my head.

Yrag sent me one more thing test and testing as i write this. He also says if the last scan i did did not find anything then more than likely there is nothing active in my computer.  I almost believe it because thing has slowed down a lot.

 

I also want everyone to know that i did two thing when virus got in.

1 -  I Bought a wireless printer/scanner/fax/photo/copier from hp.  so i had to install soft wear for it.

2 -  I did a search on goggle for Quest helper for World of Warcraft add-on. all i did was clicked on the search text and it seemed like something was suspicious. I want to let you know that i did no download. just clicked on search page to take me to quest helper web page.

Not sure which one i did first.

when i did a boot scan with Avast it did find a virus and it was in a hp connection.

This is what lead to this virus i got.

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 3:48:19 PM from WinCustomize Forums WinCustomize Forums

Update-

TrojanHunter is about half done but it did find a virus.

C:\programs\HP|Digital Imaging\{20B3 bunch of #}setup\hpzshl01.exe(Adware.Vapsup.290)

I hope this is it.

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 3:50:51 PM from WinCustomize Forums WinCustomize Forums

Quoting PuterDudeJim,
That's lotsa fun. Believe me.

It's really ain't that bad Doc. I do it a few times a year, just for that new PC feel. The speed and freshness of a brand new rig come back after a format and reinstall. I do it at least twice a year. If you keep backups, it really ain't so bad. 

Reason for Karma (Optional)
Successfully updated karma reason!
January 15, 2009 3:55:15 PM from WinCustomize Forums WinCustomize Forums

Quoting WeatherBound,
Update-

TrojanHunter is about half done but it did find a virus.

C:\programs\HP|Digital Imaging\{20B3 bunch of #}setup\hpzshl01.exe(Adware.Vapsup.290)

I hope this is it.

So, the HP drivers were infected?

Somebody better tell them!

Reason for Karma (Optional)
Successfully updated karma reason!
Stardock Forums v1.0.0.0    #108432  walnut2   Server Load Time: 00:00:00.0000562   Page Render Time:

Home | About | Privacy | Upload Guidelines | Terms of Service | Help
WinCustomize © 2014 Stardock Corporation. All Rights Reserved.