1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Virus problem - please help !

Discussion in 'Windows - Virus and spyware problems' started by dweb175, Feb 26, 2013.

  1. dweb175

    dweb175 Member

    Joined:
    Mar 29, 2011
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    I have a relatively new virus called strong vult online backup on my pc and no anti- virus can detect this because I don't believe it's in any data base yet . I must have got this from installing multiple DVD burners from download.com and any suggestions on removal ? I know part of the removal is in going into task manager and how do I know what to delete that's part of the virus .
     
  2. aldan

    aldan Active member

    Joined:
    Mar 24, 2007
    Messages:
    1,724
    Likes Received:
    42
    Trophy Points:
    78
    check out this link.
    http://answers.microsoft.com/en-us/...ected-to/f9cfb0e2-af3b-46ca-80a4-470c8d36f8fc
     
  3. dweb175

    dweb175 Member

    Joined:
    Mar 29, 2011
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    Thanks for the reply , only this didn't work and I may need to either bring it to a shop or do a complete reinstall because this is not detected by anything . Unfortunately computer shop owners won't divulge any secrets on what they use or there would be no business for them .
     
  4. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,153
    Likes Received:
    134
    Trophy Points:
    143
    have you tried system restore even in safemode\administrator?
     
  5. dweb175

    dweb175 Member

    Joined:
    Mar 29, 2011
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    ^^^ No , I don't know if system restore can remove a virus . I may give this a try . Doing a complete reinstall is such a pain , although I could use the hard drive space .
     
  6. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Try this it's good:

    Download & SAVE to your Desktop RogueKiller from -> here
    o Quit all programs that you may have started.
    o Please disconnect any USB or external drives from the computer before you run this scan!
    o For Vista or Windows 7, right-click and select "Run as Administrator to start"
    o For Windows XP, double-click to start.
    o Wait until Prescan has finished ...
    o Then Click on "Scan" button
    o Wait until the Status box shows "Scan Finished"
    o click on "delete"
    o Wait until the Status box shows "Deleting Finished"
    o Click on "Report" and copy/paste the content of the Notepad into your next reply.
    o The log should be found in RKreport[1].txt on your Desktop
    o Exit/Close RogueKiller+



    2oG
     
  7. dweb175

    dweb175 Member

    Joined:
    Mar 29, 2011
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    Thanks again guys , but nothing has worked and it looks like I have 2 options . I can either have a shop fix it or flush out everything and start over . I searched high and low on the web and unlikely any anti- virus will detect this .
     
  8. aldan

    aldan Active member

    Joined:
    Mar 24, 2007
    Messages:
    1,724
    Likes Received:
    42
    Trophy Points:
    78
    what about the log 2og asked for.if i was you i would listen to what he has to say.or you can just pee on the electric fence and learn that way.
     
  9. dweb175

    dweb175 Member

    Joined:
    Mar 29, 2011
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    I'll try to run this again tomorrow and post a log , although it detected no traces of this virus I have and it's still in my PC ...
     
  10. aldan

    aldan Active member

    Joined:
    Mar 24, 2007
    Messages:
    1,724
    Likes Received:
    42
    Trophy Points:
    78
    you say nothing can find a trace of this virus? what are your symptoms ie abnormal behaviour? if there is anything there at all, the venerable gentleman who wants your hjt log can find it.on this site he is the virus guru.
     
  11. dweb175

    dweb175 Member

    Joined:
    Mar 29, 2011
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Started in : Safe mode with network support
    User : Andy [Admin rights]
    Mode : Scan -- Date : 02/27/2013 22:25:08
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 2 ¤¤¤
    [DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\Andy\Local Settings\Application Data\Strongvault Online Backup\CtxMenu.dll [x] -> UNLOADED
    [DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\Andy\Local Settings\Application Data\Strongvault Online Backup\ClientApi.dll [x] -> UNLOADED

    ¤¤¤ Registry Entries : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\WINDOWS\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: SAMSUNG HD080HJ/P +++++
    --- User ---
    [MBR] 887f7668355e2643e1007c8b52e271ec
    [BSP] ae203e84dcb456630d870d8f3155a2b5 : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76285 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[1]_S_02272013_02d2225.txt >>
    RKreport[1]_S_02272013_02d2225.txt Here is the log . It looks like it did detect this but not remove it .
     
  12. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    C:\Documents and Settings\Andy\Local Settings\Application Data\Strongvault Online Backup


    That is what I was looking for....

    now go to the Folder in RED and delete it...
    Use Windows Explorer to find it.

    Then come back and we can clear the leftovers and check for other infections...

    2oG

    p.s. don't pee on the electric fence. LOL
     
    Last edited: Feb 28, 2013
  13. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    @ddp
    I've lost my Preview button again. is it you or me?

    Addendum: Never mind I found it.. I've got the bug and hope I can find it so I can stop loosing my buttons.. lol I'll get it!
     
    Last edited: Feb 28, 2013
  14. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,153
    Likes Received:
    134
    Trophy Points:
    143
    that is your bug not my bug so i don't want your bug.
     
  15. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Got you covered.... lol
    [​IMG]
     
    Last edited: Feb 28, 2013
  16. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,153
    Likes Received:
    134
    Trophy Points:
    143
    BUG ALERT!!!BUG ALERT!!!
     
  17. dweb175

    dweb175 Member

    Joined:
    Mar 29, 2011
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    Are you talking about the yellow folder that says windows that's located in my local disc when I click on " start , my computer , my local disc ? I don't see a red folder located in that specific folder or in documents and settings where I just looked ... I'm sure it's somewhere .
     
    Last edited: Feb 28, 2013
  18. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Well, I see you are a real novice..
    No, I just highlighted the folder red in the path that you must follow to find it using windows explorer.

    Just what is your skill level? Tell me how much you know about a computer so I won't go over your head...
    Do you know how to use windows explorer? Right click on the Start in the bottom left corner and click on Open windows explorer. Then let me know if you can follow this path:
    C:\Documents and Settings\Andy\Local Settings\Application Data\Strongvault Online Backup
    to this folder -> Strongvault Online Backup and then Delete it..
    Can you Highlight, Copy, Cut, Paste and Delete?
    Please let me know what your skill level is so I can try not to confuse you.

    2oG
     
  19. dweb175

    dweb175 Member

    Joined:
    Mar 29, 2011
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    I have to get back with you tomorrow because I can't find what your asking me to look for and it's very frustrating . I'm not a computer novice , but not very good at trouble shooting virus related issues other then running a spyware program like Malwarebytes to find and get rid of it . I think it's obvious I can copy , paste and delete because I did this , but I have to find what your asking for to do this . I appreciate you sticking with me and hope to find a solution .
     
    Last edited: Mar 1, 2013
  20. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    dweb175,
    Forget about trying to use explorer right now…
    If running programs is ok for you then we can go that route and I’ll try not to throw you a curve ball.. If you don’t understand something STOP and ASK.

    The following programs should clean your computer thoroughly and after I look at the logs I’ll give you some tips on how to keep it clean and keep from getting viruses, adware, spyware, Trojans and etc.

    -Security Check-
    Please download -> Security Check by screen317 and save it to your desktop.

    1. Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    2. A Notepad document should open automatically called checkup.txt; please post the contents of that document.


    -Junkware Removal-
    Please download ->jrt.exe ... and save it to your desktop.

    1. Please temporarily disable your security/protection software as found here, to avoid potential conflicts.
    2. If running Vista or Win7... right-click jrt.exe and select "Run as Administrator",
    otherwise just double click it.
    The tool will open and start scanning your system. Please be patient, it can take a while depending on your system.
    On completion, a log file JRT.txt is saved to your desktop and will automatically open.
    3. Please copy and paste the contents of JRT.txt and post in your next reply.


    -AdwCleaner-
    Please download ->AdwCleaner by Xplode onto your desktop.


    1. Close all open programs and internet browsers.
    2. Double click on AdwCleaner.exe to run the tool.
    3. Click on Delete.
    4. Confirm each time with Ok.
    5. Your computer will be rebooted automatically. A text file will open after the restart.
    6. Please post the content of that logfile with your next answer.
    7. You can find the logfile at C:\AdwCleaner[S1].txt as well.



    -HijackThis-
    Please download ->TrendMicro HijackThis.exe and save it to your desktop

    1. Double-click on HJTInstall.exe
    2. Click on the Install button.
    3. It will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe.
    4. Upon install, HijackThis should open for you.
    5. Click on the Main Menu button
    6. Click on the Do a system scan and save a log file button
    7. Hijackthis will scan and then a log will open in notepad.
    8. Copy and then paste the entire contents of the log in your next post.
    9. Do not have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.


    Please post the Security Check, Junkware Removal, AdwCleaner and HijackThis logs in your next reply.

    That’s 4 Logs I need so that I can find any problems.
    Please let me know how your computer is acting.

    Just remember, I am not clairvoyant or telepathic and have no crystal ball, therefore, you must provide the Logs I request and tell me what’s happening on your end, so I am able to help you.


    2oG
    That’s the number 2 and NOT ‘Too’ , old with a small ‘o’ and Geek with a Capital ‘G’
     
    Last edited: Mar 1, 2013

Share This Page