Darn Malware
Published on January 14, 2009 By WeatherBound In Personal Computing

I have vista and was running One-Care Anti virus and firewall.  Some how a virus came into my system.

I have uninstalled One-Care and installed Avast Antivirus software that has a boot scan. I did the boot scan and it found 5 viruses on my system. Avast took care of those. I installed Comodo firewall just because i think it better to have a firewall installed.

I then Installed MalwareByts Anti malware soft-wear and it found one attack. And deleted it.

 

So far all sounds good but

I am still receiving messages in my Email saying that my email i sent did not go thrue and gives me the email addresses where it was supposed to go. I do not Email very much and all these addresses where not sent by me.

I will also add that i did try Ad-Aware, Spy-blaster and Avg and others and all say everything is Good.

I am still getting theses could not be delivered emails that i did not send. when i look at the date the error message says the recent date of today.....

Has any one run in to this? If so how long does it take for those could not be delivered emails to get out of the Email system?

I will tell you it has been since Friday since all scans have been showing up with no viruses.

If you have had this virus. Let me know what you did to get rid of it.

Any help would be appreciated

Thanks


Comments (Page 2)
7 Pages1 2 3 4  Last
on Jan 15, 2009

Good luck mate

on Jan 15, 2009

If you don't want to format your computer.

I would take the following steps.

- Download and Install/Update and run a complete scan with NOD32 Anti-Virus (www.eset.com) NOT FREE they do have V4, which is beta.

- Download and Install/Update Malwarebytes' Anti-Malware

- Download and Install and then run a complete scan SUPERAntiSpyware Free Edition.

if you know the file that is being attached to your email. You can submit it to www.virustotal.com. VirusTotal has 30+ some anti-virus software that scan the file to determine if its some kind of malware. You might be able to find a remover on-line.

P.S. Avast is a great Anti-Virus Product although, from my understanding there are kind of slow with new virus.

P.S.S The best way to make sure your computer is FREE of malware is to completely format your computer.

on Jan 15, 2009

Ok. Yrag test came up empty.  Thanks Yrag for the help. I will keep it for the future to use.

Next Hijack This.

I will also add that my incomming email has slowed down with the system mail delivery. Maybe  my computer is safe and it just take a while for all the mail errors to go thrue with mail system.

 

on Jan 15, 2009

- Download and Install/Update Malwarebytes' Anti-Malware

I agree, but Spybot S&D is the way to go as for the other.

on Jan 15, 2009

Yeah, I should have also included SpyBot S&D. If one of them miss the others hopefully get it.

on Jan 15, 2009

You could try downloading hijack this and looking for suspicious crap and booting in safe mode to delete them.

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

http://www.computerhope.com/delhlp.htm

on Jan 15, 2009

 

but Spybot S&D is the way to go as for the other.

Found Nothing

You could try downloading hijack this and looking for suspicious crap

Ran the scan and seems way over my head.

Yrag sent me one more thing test and testing as i write this. He also says if the last scan i did did not find anything then more than likely there is nothing active in my computer.  I almost believe it because thing has slowed down a lot.

 

I also want everyone to know that i did two thing when virus got in.

1 -  I Bought a wireless printer/scanner/fax/photo/copier from hp.  so i had to install soft wear for it.

2 -  I did a search on goggle for Quest helper for World of Warcraft add-on. all i did was clicked on the search text and it seemed like something was suspicious. I want to let you know that i did no download. just clicked on search page to take me to quest helper web page.

Not sure which one i did first.

when i did a boot scan with Avast it did find a virus and it was in a hp connection.

This is what lead to this virus i got.

on Jan 15, 2009

Update-

TrojanHunter is about half done but it did find a virus.

C:\programs\HP|Digital Imaging\{20B3 bunch of #}setup\hpzshl01.exe(Adware.Vapsup.290)

I hope this is it.

on Jan 15, 2009

PuterDudeJim
That's lotsa fun. Believe me.

It's really ain't that bad Doc. I do it a few times a year, just for that new PC feel. The speed and freshness of a brand new rig come back after a format and reinstall. I do it at least twice a year. If you keep backups, it really ain't so bad. 

on Jan 15, 2009

WeatherBound
Update-

TrojanHunter is about half done but it did find a virus.

C:\programs\HP|Digital Imaging\{20B3 bunch of #}setup\hpzshl01.exe(Adware.Vapsup.290)

I hope this is it.

So, the HP drivers were infected?

Somebody better tell them!

on Jan 15, 2009

Update-

TrojanHunter is about half done but it did find a virus.

C:\programs\HP|Digital Imaging\{20B3 bunch of #}setup\hpzshl01.exe(Adware.Vapsup.290)

I hope this is it.

Don, I neglected to tell you about one of the best and first programs I use in the case of any virus, and it is free. Download RemoveitPro and run it, delete anything it finds. I swear by this app.

Locates & Removes many new dangerous files including Spyware, Malware, Virus, Worms, Trojan's and Adware that other popular AV programs do not find.

   http://www.incodesolutions.com/removeit.php

on Jan 15, 2009

 

on Jan 15, 2009

The HP file that is "infected" could be a false postive. I would submit that to Virus Total.

on Jan 15, 2009

Ok.  Jim

I did a quick scan and it found this.

I have been infected with virus (Win32.Unknown.Random.X)  

Its funny that all other scans have not found this.  It is in my startup folder under Power Reg Schedule V3

Not sure Jim if i should delete it. or if the soft wear will clean it. Since you use it. let me know what you do.

on Jan 15, 2009

I did a quick scan and it found this.

I have been infected with virus (Win32.Unknown.Random.X)

Its funny that all other scans have not found this. It is in my startup folder under Power Reg Schedule V3

Not sure Jim if i should delete it. or if the soft wear will clean it. Since you use it. let me know what you do.

Delete the sucker. Anytime theres Unknown or noName in the name, which I am sure you saw in HiJack this, delete it. If it has no name, it ain't good.

 

As for it being funny that the other scans missed it, remember my post:   Locates & Removes many new dangerous files including Spyware, Malware, Virus, Worms, Trojan's and Adware that other popular AV programs do not find

7 Pages1 2 3 4  Last