possible virus infection?

Hi, im pulling my hair out here ive run norton protection center with spyware and virus removel software as well as useing windows defender too it says it has cleaned all infections out but i still get a warnig that im sending unwated emails and also i cant update the definition files as it tells me im not connected to the internet but i clearly am, also when i try to access and kind of web pages related to deckard or combifix the pages dont show and i get the not connected warning is the virus trying to protect its self here????

any thoughts or answers on this problem are most welcome!!!

many thanks

 

Welcome to the Windows BBS Forums. Thank you for your patience.

It is my understanding that Deckards System Scanner (DSS) has been removed due to some problems with a rootkit infection.

Please use Trend Micro's HijackThis.

It is important that you uninstall any previous versions by using Add/Remove programs in your control panel before installing a newer version.

1. Please download Trend Micro - HijackThis.
2. Double click HJTInstall.exe to begin installation.
3. Accept the installation location, which by default is C:\Program Files\Trend Micro\HijackThis or click the Browse... button if you want to save it in another location.
4. Click Install.
5. A shortcut will be created on your Desktop and HijackThis will run automatically.
6. You will need to accept the EULA, if it appears, to be able to use the tool.
7. When HijackThis opens, click on the Do a system scan and save a log file button.
8. When HijackThis has finished scanning, a window entitled hijackthis.log will open. When you close this window, the log will be saved into the HijackThis folder.
9. If needed, see TrendMicroâ„¢ HijackThisâ„¢ Quick Start Guide
10. Copy and paste this log into your next reply.

If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.

 

Thx but ive tryed to follow the link but the browser wont let me connect to anything to do with spyware removal or any anti-virus sites

 

You should be able to download/install Hijackthis after running Combofix.

Important: Save ComboFix to your desktop. You must rename it before running it. Name the ComboFix file something you will remember. In the instructions below, substitute combofix.exe with the name that you gave it.

1. Please download ComboFix and save it to your desktop. Alternate download locations:
   Link 2
   Link 3
   
2. Close ALL browser windows (including this one).
3. According to your Internet connection, please disconnect from the Internet.
   • Physically remove the cable for your broadband Internet service "Always On" Connection from your computer.
   • Turn your modem off.
   • Disconnect your modem cable from your computer.
   • Turn the device off for Handheld wireless connections.
4. Exit all processes and items in your System tray.
5. Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results ".
6. Double click combofix.exe and follow the prompts.
7. A window will open with a warning. Type 1 and press Enter to begin the scan.
8. The scan will temporarily disable your desktop, and if interrupted, may leave your desktop disabled. If this occurs, please reboot to restore the desktop.
9. Caution - do not touch your mouse/keyboard until the scan has completed. Touching your mouse/keyboard while the scan is running may cause it to stall.
10. When finished, ComboFix will produce a log for you and will automatically save the log file to C:\combofix.txt.
11. ComboFix will create a folder called QooBox in C: (C:\QooBox). It will contain any folders that were quarantined. When you are done, you can delete this folder - QooBox.
12. Note: ComboFix may reset a number of Internet Explorer's settings including making it the default browser. ComboFix resets some settings in IE in order to remove changes which may have been made by malware. It may also change the time format.
13. Please post:
    • C:\Combofix.txt
    • Hijackthis Log scanned in Normal Mode

 

ive tryed that but explorer keeps telling me im not connected to the net i can surf anywhere else but cant access any sites like combifix or even microsoft websites!!!!! do you have any ideas to get round this?

 

Thanks to noahdfear for this helpful tool.

1. Click noahdfear's Rename ComboFix.
2. If it launches a file download dialog for download_file.exe from noahdfear.net, click Run.
3. download_file.vbs file should appear on the desktop, and shortly there-after a renamed copy of ComboFix.
4. Please note that the vbs file is recognized by some security programs as a Trojan-Downloader.JS and may try to block it. I assure you, the file is safe.
5. If successful, double click the renamed ComboFix and follow the prompts.

 

You may not like hearing of my experience. I have had a very similar experience using Norton AV. Regardless to undesirable behavior evidencing virus like or spy bot behavior, Norton and Windows Security Center said that my system was clean as a whistle. I downloaded Trend Micro's Process Explorer. Whatever I had, it didn't recognize Process Explorer as a threat to the mayhem it was doing on my PC. Process Explorer upon right clicking a process provides a link to Google where you get an instant lookup for this process. That way you can determine if it's genuine to your system or malware. When you find the malware, either suspend it or kill it. This takes it out of memory and temporarily renders it inactive.

After you've deactivated the malware temporarily, you should be able to download anti-virus / anti-malware software, or updates to what you already have on your PC. Then you can scan, and deep six the bugger.

After my experience with Norton, I decided it isn't worth the powder to blow it to that big bit bucket in the sky. I read reviews in various PC magazines plus Consumer Reports. All ranked NAV very poor. CU rated Zone Alarm as a Best Bet. Cnet gave it similar kudos. So I wiped Norton completely off my hard drive sending it to HDD purgatory. I d/l Free Zone Alarm and was very pleased with the Firewall that shipped with this Free application.

Shortly thereafter, I went out and bought the full-featured retail version. In addition to a very solid firewall, it has a feature others haven't. It detects malware on use. As soon as malware attempts to activate via a legit application Zone Alarm launches its anti-virus scanner and anti-spyware /adware scanner. If automated it will first try to restore the file failing that it is moved into quarantine. If the file turns up on it's known list the offending file is promptly deleted. At the end of the scan, you are informed of Zone Alarm's automated actions.

If you opt for manual, you are given the option to restore, quarantine, or delete each instance or malware found all at once at the end of scan.

As a back-up to Zone Alarm, I use Spybot Search & Destroy. While Norton and Windows shipping anti-malware applications said that my system was just peachy keen-oh, these two powerhouses found and removed no fewer than 6 viruses, 12 adware, and 8 malware!

Once you have resolved your issues, I strongly suggest that you dump Norton, research and obtain the best application for your computing needs.