Go Back  British Expats > Living & Moving Abroad > USA
Reload this Page >

Computer Virus - any ideas?

Computer Virus - any ideas?

Old Jul 15th 2005, 6:05 pm
  #1  
Account Closed
Thread Starter
 
Joined: Jul 2003
Posts: 853
Dimsie is an unknown quantity at this point
Default Computer Virus - any ideas?

My husband's computer has picked up a virus(trojan we think). We took the computer in to the local computer tech shop after failing to eliminate it. They kept it for 2 days. The computer is still in the same state when he started it up this morning. I wonder if any of the computer experts out there can throw any light. Here are the details husband passed to me:

"About 20 minutes after starting computer, even after no activity a Red x on yellow shield at

right button bar appears.

Yellow balloon over this says Your Computer might be at risk...(etc)

When clicking on the button one of two things happens

1. An official looking box headed "Windows Security Center" opens saying: Warning: Windows

Firewall detected suspicious network activity on your computer. Malicious software codes try to steal your privacy information such as credit card numbers, electronic mail accounts financial data or passwords. Do you want to learn how to protect your computer? yes and no buttons.

No shuts it off. but it returns later. Yes takes it to a download option for a file named

chmhelp.chm

2. Browser opens directly and the download option for file named chmhelp.chm.



info on web page
http://www3.ca.com/securityadvisor/v....aspx?id=43005


scan results this morning after return from the Tech Shop:
Scan Results: 61080 files scanned. 8 viruses were detected.

File Infection Status Path
ntud32.exe Win32.Winshow.CZ cannot delete C:\WINDOWS\system32\
rmmzzy.dat Win32.Winshow.CZ deleted C:\WINDOWS\
atljo.exe Win32.Winshow.CY cannot delete C:\WINDOWS\
qydose.dat Win32.Winshow.CY deleted C:\WINDOWS\
djyzjy.dat Win32.Winshow.CY deleted C:\WINDOWS\
vkqmei.dat Win32.Winshow.CZ deleted C:\WINDOWS\
applq32.exe Win32.Winshow.CY deleted C:\WINDOWS\
FILE0000.CHK Win32.Winshow.CZ deleted C:\FOUND.018\ "

We are going out just now, so won't be able to respond to any suggestions for a few hours . Thanks in advance!



I
Dimsie is offline  
Old Jul 15th 2005, 6:06 pm
  #2  
ImHere
Guest
 
Posts: n/a
Default Re: Computer Virus - any ideas?

Reformat the bugger and resinstall windows (and everything else)
 
Old Jul 15th 2005, 6:18 pm
  #3  
Country Member
 
g1ant's Avatar
 
Joined: May 2003
Location: Moved from Georgetown to Round Rock, Texas. 15 miles closer to civilization.
Posts: 936
g1ant has a reputation beyond reputeg1ant has a reputation beyond reputeg1ant has a reputation beyond reputeg1ant has a reputation beyond reputeg1ant has a reputation beyond reputeg1ant has a reputation beyond reputeg1ant has a reputation beyond reputeg1ant has a reputation beyond reputeg1ant has a reputation beyond reputeg1ant has a reputation beyond reputeg1ant has a reputation beyond repute
Default Re: Computer Virus - any ideas?

Originally Posted by ImHere
Reformat the bugger and resinstall windows (and everything else)
Don't give up your day job. :scared:
g1ant is offline  
Old Jul 15th 2005, 6:23 pm
  #4  
ImHere
Guest
 
Posts: n/a
Default Re: Computer Virus - any ideas?

Originally Posted by g1ant
Don't give up your day job. :scared:
Lets see. Say what a day max to reformat and reinstall everything? Completely clean system virus free and probably running far better than before. As opposed to several days of banging your head against a wall, spending money and letting other people fail to cure itand still having as system thats infected. Sometimes, once you've tried the simple ideas, you just have to bite the bullet.
 
Old Jul 15th 2005, 6:40 pm
  #5  
Vegas Baby
 
vegas's Avatar
 
Joined: Sep 2003
Location: Liverpool>Fl>Tx>Ca>Nv
Posts: 567
vegas has a reputation beyond reputevegas has a reputation beyond reputevegas has a reputation beyond reputevegas has a reputation beyond reputevegas has a reputation beyond reputevegas has a reputation beyond reputevegas has a reputation beyond reputevegas has a reputation beyond reputevegas has a reputation beyond reputevegas has a reputation beyond reputevegas has a reputation beyond repute
Default Re: Computer Virus - any ideas?

Try doing a system restore (programs-accessories-system tools-system restore) to a time before you picked up the virus.

or this is the uninstaller for winshow http://www.spyany.com/program/articl...m_Winshow.html
but I can't vouch for the damage that might occur by running it

Last edited by vegas; Jul 15th 2005 at 6:45 pm.
vegas is offline  
Old Jul 15th 2005, 7:08 pm
  #6  
You Are All Diseased
 
rincewind's Avatar
 
Joined: Feb 2004
Location: Farnham, UK
Posts: 4,511
rincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond repute
Default Re: Computer Virus - any ideas?

Login in safe mode and run a full virus scan.

Running safe mode will ensure that certain processes are not running.

Whichever virus software you run, tell it to delete infected files and NOT quarantine. Nortan has a habit of creating a bigger mess if you quarantine. Just delete all infected files.

Failing that, take ImHere's advice. Back up anything important and then reformat and reinstall. Just make sure you don't back up any infected files else your problem will come back.
rincewind is offline  
Old Jul 15th 2005, 7:13 pm
  #7  
Forum Regular
 
Joined: Apr 2004
Location: Austin, TX
Posts: 169
Britdrinker has much to be proud ofBritdrinker has much to be proud ofBritdrinker has much to be proud ofBritdrinker has much to be proud ofBritdrinker has much to be proud ofBritdrinker has much to be proud ofBritdrinker has much to be proud ofBritdrinker has much to be proud ofBritdrinker has much to be proud ofBritdrinker has much to be proud ofBritdrinker has much to be proud of
Default Re: Computer Virus - any ideas?

They must be a pretty incompetent lot down at the computer store. I hope you didn't pay them anything!

You are correct, you have a trojan.

This one, probably:

http://securityresponse.symantec.com...ndspyware.html

Print out the instructions from the link above.

The fact that you have the yellow shield in your taskbar means that you have Symantec's Norton Antivirus installed. I'd run it, set LiveUpdate to On, download all latest virus definitions and perform a full system scan.

Then follow the instructions you printed out to (hopefully) delete the virus.

Then download the free application Ad-Aware from Lavasoft and run that too,

Then download Spybot Search and Destroy (also free) from here: http://www.safer-networking.org/en/download/index.html and run that.

Then report back with progress!

PM me if you get stuck.

Originally Posted by Dimsie
My husband's computer has picked up a virus(trojan we think). We took the computer in to the local computer tech shop after failing to eliminate it. They kept it for 2 days. The computer is still in the same state when he started it up this morning. I wonder if any of the computer experts out there can throw any light. Here are the details husband passed to me:
Britdrinker is offline  
Old Jul 15th 2005, 8:03 pm
  #8  
Ray
 
Ray's Avatar
 
Joined: Mar 2003
Posts: 68,280
Ray has a reputation beyond reputeRay has a reputation beyond reputeRay has a reputation beyond reputeRay has a reputation beyond reputeRay has a reputation beyond reputeRay has a reputation beyond reputeRay has a reputation beyond reputeRay has a reputation beyond reputeRay has a reputation beyond reputeRay has a reputation beyond reputeRay has a reputation beyond repute
Default Re: Computer Virus - any ideas?

Does this look familiar
http://sarc.com/avcenter/venc/data/adware.livechat.html

Have you got an out of date anti-virus system

Or as britdrinker says..
Ray is offline  
Old Jul 16th 2005, 1:29 am
  #9  
my arm aches
 
ladyofthelake's Avatar
 
Joined: Jul 2003
Location: the warm waters of Florida
Posts: 2,289
ladyofthelake has a reputation beyond reputeladyofthelake has a reputation beyond reputeladyofthelake has a reputation beyond reputeladyofthelake has a reputation beyond reputeladyofthelake has a reputation beyond reputeladyofthelake has a reputation beyond reputeladyofthelake has a reputation beyond reputeladyofthelake has a reputation beyond reputeladyofthelake has a reputation beyond reputeladyofthelake has a reputation beyond reputeladyofthelake has a reputation beyond repute
Default Re: Computer Virus - any ideas?

Computer Cops is a good forum to ask questions on. Many a time we've got out of a scrape thanks to them.
ladyofthelake is offline  
Old Jul 16th 2005, 1:34 am
  #10  
Account Closed
Thread Starter
 
Joined: Jul 2003
Posts: 853
Dimsie is an unknown quantity at this point
Default Re: Computer Virus - any ideas?

Oh, thanks guys!! Just got in and read through the messages.


I'mHere: Thanks, yes, that will probably be what has to be done. We'll try anything else first though.


Vegas: thanks for the link - seems a little risky - but will keep that in mind .

Rincewind - He has tried to get into safemode, but system automatically selects to "Boot by floppy" which is not how it was set. Virus seems to have infected that too, and changed the setting.


Britdrinker: Many thanks. Agreed, computer shop is incompetent and will get told as much, if not by husband, then by me !! The snag in all this is that husband uses McAfee not Norton. the shield which comes up is part of the Microsoft Security Centre - a red shield with a white X.

So sadly the links you kindly gave will not be appropriate as they refer to Symantec. We will search for similar info for McAfee, and if not found will PM you. Thanks again for helping.

Ray: Yes, McAfee is thoroughly up to date. The warnings etc shown on your link do look familiar, but again refers to Symantec (I think) Will look at it again in more detail, as have skimmed through all, and husband will look now, himself.

Thanks again. Will let you know of any success (or not!)
Dimsie is offline  
Old Jul 16th 2005, 1:49 am
  #11  
ImHere
Guest
 
Posts: n/a
Default Re: Computer Virus - any ideas?

Originally Posted by Dimsie
Oh, thanks guys!! Just got in and read through the messages.


I'mHere: Thanks, yes, that will probably be what has to be done. We'll try anything else first though.


Vegas: thanks for the link - seems a little risky - but will keep that in mind .

Rincewind - He has tried to get into safemode, but system automatically selects to "Boot by floppy" which is not how it was set. Virus seems to have infected that too, and changed the setting.


Britdrinker: Many thanks. Agreed, computer shop is incompetent and will get told as much, if not by husband, then by me !! The snag in all this is that husband uses McAfee not Norton. the shield which comes up is part of the Microsoft Security Centre - a red shield with a white X.

So sadly the links you kindly gave will not be appropriate as they refer to Symantec. We will search for similar info for McAfee, and if not found will PM you. Thanks again for helping.

Ray: Yes, McAfee is thoroughly up to date. The warnings etc shown on your link do look familiar, but again refers to Symantec (I think) Will look at it again in more detail, as have skimmed through all, and husband will look now, himself.

Thanks again. Will let you know of any success (or not!)

Well good luck. Suprisingly a reformat isnt as painful as it seems as long as you cut a CD with all your docs and any other data you need. (as Rince says make sure nothing you back up is infected)

I find after a reformat I can be pretty much up and running per normal within half day. And the pc will run like a new machine afterwards.
 
Old Jul 16th 2005, 2:16 am
  #12  
 
gruffbrown's Avatar
 
Joined: Jun 2005
Posts: 30,102
gruffbrown has a reputation beyond reputegruffbrown has a reputation beyond reputegruffbrown has a reputation beyond reputegruffbrown has a reputation beyond reputegruffbrown has a reputation beyond reputegruffbrown has a reputation beyond reputegruffbrown has a reputation beyond reputegruffbrown has a reputation beyond reputegruffbrown has a reputation beyond reputegruffbrown has a reputation beyond reputegruffbrown has a reputation beyond repute
Default Re: Computer Virus - any ideas?

Originally Posted by ImHere
Well good luck. Suprisingly a reformat isnt as painful as it seems as long as you cut a CD with all your docs and any other data you need. (as Rince says make sure nothing you back up is infected)

I find after a reformat I can be pretty much up and running per normal within half day. And the pc will run like a new machine afterwards.
put it in the freezer...works wonders
gruffbrown is offline  
Old Jul 16th 2005, 2:26 am
  #13  
You Are All Diseased
 
rincewind's Avatar
 
Joined: Feb 2004
Location: Farnham, UK
Posts: 4,511
rincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond reputerincewind has a reputation beyond repute
Default Re: Computer Virus - any ideas?

Originally Posted by Dimsie
the shield which comes up is part of the Microsoft Security Centre - a red shield with a white X.
Personally, I think you may not have a Virus and the shield sounds like the update centre for XP and not a Virus thing.

I'm going to go out on a limb here and say you don't have a virus and are just simply getting messages saying you MAY have one as you need software to combat them. Maybe just adds.

I turned all my auto updates off for XP as I don't want SP2 screwing up my machine. I depend on it too much.

Like I say, I bet you don't have one if McAfee (crap by the way) is up to date. It's just a scare tactic to get you to update things.
rincewind is offline  
Old Jul 16th 2005, 2:35 am
  #14  
@matthewb76
 
Manc's Avatar
 
Joined: Jul 2003
Location: Missouri
Posts: 21,886
Manc has a reputation beyond reputeManc has a reputation beyond reputeManc has a reputation beyond reputeManc has a reputation beyond reputeManc has a reputation beyond reputeManc has a reputation beyond reputeManc has a reputation beyond reputeManc has a reputation beyond reputeManc has a reputation beyond reputeManc has a reputation beyond reputeManc has a reputation beyond repute
Default Re: Computer Virus - any ideas?

bunch of ****ing geeks!


take it to best buy let them sort it out!
Manc is offline  
Old Jul 16th 2005, 2:53 am
  #15  
Account Closed
Thread Starter
 
Joined: Jul 2003
Posts: 853
Dimsie is an unknown quantity at this point
Default Re: Computer Virus - any ideas?

Originally Posted by rincewind
Personally, I think you may not have a Virus and the shield sounds like the update centre for XP and not a Virus thing.

I'm going to go out on a limb here and say you don't have a virus and are just simply getting messages saying you MAY have one as you need software to combat them. Maybe just adds.

I turned all my auto updates off for XP as I don't want SP2 screwing up my machine. I depend on it too much.

Like I say, I bet you don't have one if McAfee (crap by the way) is up to date. It's just a scare tactic to get you to update things.

It seems that way, and yet the stuff it wants him to download is not microsoft stuff. And his computer seems to be affected in other ways too - eg can't boot up in safe mode.

I suppose there could be 2 problems.

Anyway, we shall leave it for tonight and look again tomorrow. Thanks again for your help ....much appreciated.
Dimsie is offline  

Contact Us - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service -

Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.