Page 5 of 10 FirstFirst 123456789 ... LastLast
Results 41 to 50 of 93

Thread: virus stops virus scan at windows folder

  1. #41
    Member
    Join Date
    May 2010
    Posts
    49

    Default not automatically

    no, but I will if it is important

  2. #42
    Emeritus- Malware Team
    Join Date
    Oct 2009
    Location
    New England, USA
    Posts
    503

    Default

    Quote Originally Posted by JarJar View Post
    what I saw when ESET was running is what I typed before:

    WIN32/Bagle.gen.zip worm

    If there is more to it, you can't see it on ESET while it is running.
    You had said it was in the system32 folder so I was hoping you could see what the file was.
    IndiGenus

  3. #43
    Emeritus- Malware Team
    Join Date
    Oct 2009
    Location
    New England, USA
    Posts
    503

    Default

    Quote Originally Posted by JarJar View Post
    no, but I will if it is important
    Yes, if it is BSOD'ing then the error code produced may help. It may not even be Malware related. Could be something overheating. How old and what type of PC is this?
    IndiGenus

  4. #44
    Member
    Join Date
    May 2010
    Posts
    49

    Default Bsod

    I tried to disable restart and got a message that Alerter needed to be turned on and that I had to do that in Admin Tools. Well I couldn't find admin tools so I haven't figured out how to do that yet. Then while trying to explain all this a couple days ago the computer shut down in the middle of my message. Fed up so I gave it a rest until today.I am on a different computer right now.

    We got our computer in 2004 I think. Not sure what kind - it says Impacta by ASUS on the tower. Was built for video editing. Found out much too late that they did not put a big enough power source in when it was built and yes, it overheats, but usually will stay on most of the day. At least it did before this latest virus or whatever it was. We have it on top of the desk with the side off and a fan blowing on it when it's in use (one of the internal fans stopped working) - that has helped.

    It does confuse things because I'm not always sure when it shuts off that it is because of the current infection. But it seemed back to "normal" until I ran that online virus scan and it found that worm file.

    If I can get the computer to stay on long enough to work with files can I try pulling off pictures and video files/projects to a new external drive? I mean I guess I can, but is this worm going to affect everything I'm moving off? Most of my files are in a separate drive, but some are on the C drive.

  5. #45
    Emeritus- Malware Team
    Join Date
    Oct 2009
    Location
    New England, USA
    Posts
    503

    Default

    If I can get the computer to stay on long enough to work with files can I try pulling off pictures and video files/projects to a new external drive? I mean I guess I can, but is this worm going to affect everything I'm moving off? Most of my files are in a separate drive, but some are on the C drive.
    That's up to you, and is sometimes the way to go when things keep shutting down and giving errors. It won't help if it's a heat related issue.

    Chances are good if you are just backing up documents, pictures, and personal files that they will not be infected. You can always run a scan on your backup drive before importing it all back to the fresh OS.

    You may have told me but I cannot remember and don't have time this second to review, but did you run a full system scan with Avast? If not I would suggest trying that. We can also try another online scanner too.
    IndiGenus

  6. #46
    Member
    Join Date
    May 2010
    Posts
    49

    Default overheating

    I just want to get my "stuff" off before it completely wears out - so I probably will do that and continue to work on cleaning it up also. I was able to run the avast scan in standard mode and it didn't find anything. Spybot found and fixed things and nothing else seemed to. I would like to try another on-line scanner. Guess I will run the long version of the avast scan. Takes forever - hope it doesn't overheat in the middle of it.

  7. #47
    Emeritus- Malware Team
    Join Date
    Oct 2009
    Location
    New England, USA
    Posts
    503

    Default

    The quick scan on this one, which is the default, doesn't take too long.

    TrendMicro™ HouseCall Scan
    • Please go HERE to run the Trend Micro™ HouseCall Scan.
    • Select the appropriate version from this page (32 or 64 bit) and download it to the desktop.
    • Run the executable file.
    • Read and put a Check next to I accept the terms of the license agreement.
    • Click Next.
    • Click the Scan Now button.
    • Please be patient while it scans your system.
    • Once the scan is complete, it will take you to the summary page.
    • Under Cleanup options, choose clean all detected infections automatically.
    • Click the Clean now>> button.
    • If anything was found you may be prompted to run the scan again, you can just close the browser window.


    Post any details about the scan in your next reply along with a fresh DDS log and a description of how your PC is behaving.
    IndiGenus

  8. #48
    Member
    Join Date
    May 2010
    Posts
    49

    Default the end

    Just to let you know my status. Computer will start and sits on the screen showing the motherboard brand and pentium4 - whatever that screen is. About 1 out of 10 times it will open in safe mode but not long enough for me to get any of my files off to the external drive. Not sure if it's the end of the hard drive or if I need to re-load windows. Probably going to hook up the DVD drive and try it - can't hurt at this point. Thanks anyway.

  9. #49
    Emeritus- Malware Team
    Join Date
    Oct 2009
    Location
    New England, USA
    Posts
    503

    Default

    Hmmm.....

    Another option is to make a PE disk, then boot off of that. Then you could run some tests on the drive, backup your files, etc... that's if it's not something like a RAM issue or other hardware issue (not hard drive). Do you have another PC and the resources to do this?

    Here are the instructions for a disk one of our developers created that will allow you to do that and run some scans. Let's get a scan here and while you're in there you can use the explorer to copy your personal files. Let me know how you make out.

    Please print these instruction out so that you know what you are doing

    File details OTLPEStd.exe
    Bytes=97,702,766
    MB=93.1
    MD5=FC1A07D156DE710955032B1CF7891671

    File details OTLPENet.exe
    Bytes=126,850,486
    MB=120.9
    MD5=8A7C5BA1C92552ADDCC5E468D0AA069A




    1. Download OTLPEStd.exe to your desktop
    2. Download OTLPENet.exe to your desktop
    3. Ensure that you have a blank CD in the drive
    4. Double click OTLPEStd.exe and this will then open imgburn to burn the file to CD
    5. Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
    6. Reboot your system using the boot CD you just created.
      Note : If you do not know how to set your computer to boot from CD follow the steps here
    7. As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads

    8. Your system should now display a Reatogo desktop.
      Note : as you are running from CD it is not exactly speedy
    9. Double-click on the OTLPE icon.
    10. Select the Windows folder of the infected drive if it asks for a location
    11. When asked "Do you wish to load the remote registry", select Yes
    12. When asked "Do you wish to load remote user profile(s) for scanning", select Yes
    13. Ensure the box "Automatically Load All Remaining Users" is checked and press OK
    14. OTL should now start.
    15. Drag and drop this attached scan.txt into the Custom scans and fixes box
    16. Press Run Scan to start the scan.
    17. When finished, the file will be saved in drive C:\OTL.txt
    18. Copy this file to your USB drive if you do not have internet connection on this system.
    19. Right click the file and select send to : select the USB drive.
    20. Confirm that it has copied to the USB drive by selecting it
    21. You can backup any files that you wish from this OS
    22. Please post the contents of the C:\OTL.txt file in your reply.
    IndiGenus

  10. #50
    Member
    Join Date
    May 2010
    Posts
    49

    Default Hmmmm

    Thanks for the suggestion. I will try it probably Monday.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •