Virus ?

[xPlizz]

Hello microsoft guys (or however im supposed to call you )

I am writing this thread today for some reason wich i will explain :D

Recently my hard drive has been filling itself ... yes what you hear is true , it appears
to be alive or some kind
Now my question is :"I saw a map in my program files called : free offers from freeze.com"

I really don't think that it is good for a map named like that to be in program files , Most likely a virus?

Though i didn't go to freeze.com (maybe my moher did ,i don't know ) But i already deleted this map once and it appears to have come back .....

Ps: I checked some other posts and it's not the scheduled backup thing , and my virusscanner is AVG free

Thank you guys already ... hope to have a response soon !

 

[richc46]

Until the experts get here, run a full virus scan
http://www.malwarebytes.org/mbam.php

Download and scan with malwarbytes. Run the full scan. It takes about 90 minutes, be sure to update before the scan.
Post the results, here.

 

[xPlizz]

okay it's scanning right now... i'll update my post as soon as it's done

but 1 more question ; Would it not be possible for the virus to overwrite
the anti-malware program? or somehow make itself undetectable?

 

[niemiro]

okay it's scanning right now... i'll update my post as soon as it's done

but 1 more question ; Would it not be possible for the virus to overwrite
the anti-malware program? or somehow make itself undetectable?

Yes, but this will give us a good idea of what we are up against, and how big a hammer we need to bring in next. There are viruses that are almost undetectable, viruses that close your virus scanner as soon as it starts, and ones that edit log files before you can upload them to us. It does not sound like you have one of these, but if you do, there are very special tools available to deal with them. Part of the learning to be done is using the right tools at the right times, understanding the logs, and then getting rid of the virus. That is why we need to hand you over to an expert who has a Degree in Malware Removal and all of these complexities. She will have spent several months in intensive training. There is so much to learn nowadays, that a modern Malware Removal Degree takes about 8 months.

Richard

 

[xPlizz]

Yes, but this will give us a good idea of what we are up against, and how big a hammer we need to bring in next. There are viruses that are almost undetectable, viruses that close your virus scanner as soon as it starts, and ones that edit log files before you can upload them to us. It does not sound like you have one of these, but if you do, there are very special tools available to deal with them. Part of the learning to be done is using the right tools at the right times, understanding the logs, and then getting rid of the virus. That is why we need to hand you over to an expert who has a Degree in Malware Removal and all of these complexities. She will have spent several months in intensive training. There is so much to learn nowadays, that a modern Malware Removal Degree takes about 8 months.

Richard

Wow Impressive

I like your yin yang image :D
so far scanned 62000 files nothing found yet

 

[niemiro]

Yes, but this will give us a good idea of what we are up against, and how big a hammer we need to bring in next. There are viruses that are almost undetectable, viruses that close your virus scanner as soon as it starts, and ones that edit log files before you can upload them to us. It does not sound like you have one of these, but if you do, there are very special tools available to deal with them. Part of the learning to be done is using the right tools at the right times, understanding the logs, and then getting rid of the virus. That is why we need to hand you over to an expert who has a Degree in Malware Removal and all of these complexities. She will have spent several months in intensive training. There is so much to learn nowadays, that a modern Malware Removal Degree takes about 8 months.

Richard

Wow Impressive

I like your yin yang image :D
so far scanned 62000 files nothing found yet

Thank you! Even if no infects show up, it does not necessarily mean that you have no infection. Please stay with us until we give you the all clear. It could also, possibly, be caused by a dying hard disk drive, though first I think we should check for infection, as that "free offers from freeze.com" does not sound completely innocent.

 

[xPlizz]

Thank you! Even if no infects show up, it does not necessarily mean that you have no infection. Please stay with us until we give you the all clear. It could also, possibly, be caused by a dying hard disk drive, though first I think we should check for infection, as that "free offers from freeze.com" does not sound completely innocent.

yeah I don't trust the freeze.com thing I googled it and got some things about wallpapers and some people at McAffee ( who approved the site with green label but dissaproved the downloads with yellow label ) said that it had viruses.

100 000 scanned nothing

I sure hope that i don't have to replace the hard disk ...

It would be a problem because... well you see i have a laptop , and unlike a desktop I can't replace it myself ; so it will cost much money i think

 

[niemiro]

Thank you! Even if no infects show up, it does not necessarily mean that you have no infection. Please stay with us until we give you the all clear. It could also, possibly, be caused by a dying hard disk drive, though first I think we should check for infection, as that "free offers from freeze.com" does not sound completely innocent.

yeah I don't trust the freeze.com thing I googled it and got some things about wallpapers and some people at McAffee ( who approved the site with green label but dissaproved the downloads with yellow label ) said that it had viruses.

100 000 scanned nothing

I sure hope that i don't have to replace the hard disk ...

It would be a problem because... well you see i have a laptop , and unlike a desktop I can't replace it myself ; so it will cost much money i think

Laptop hard disk drives are not always hard to do. Some are much easier than Desktops. If you do need to (and fingers crossed for it not) we will have a look at your laptop, and see if we could guide you through it. You will not have to remove all of the inner components (usually) and this is the difficult bit, the thing laptops have got their difficult reputation from.

Have a look at this video. It is outdated, and a completely different laptop, but it might convince you that maybe, just maybe, you could do it yourself Upgrade your laptop's hard drive - Insider Secrets - CNET Reviews Also, the extra box of bits will not be necessary.

Richard

 

[xPlizz]

Laptop hard disk drives are not always hard to do. Some are much easier than Desktops. If you do need to (and fingers crossed for it not) we will have a look at your laptop, and see if we could guide you through it. You will not have to remove all of the inner components (usually) and this is the difficult bit, the thing laptops have got their difficult reputation from.

Have a look at this video. It is outdated, and a completely different laptop, but it might convince you that maybe, just maybe, you could do it yourself Upgrade your laptop's hard drive - Insider Secrets - CNET Reviews Also, the extra box of bits will not be necessary.

Richard

Wow that is exactly my laptop ! Jk it's not :D
I have an amilo xi 3560 wich is a huuuuuge laptop
160.000 files scanned nothing found .... this is going to be nothing.

 

[niemiro]

Ahhh... That laptop isn't the easiest. :huh:

 

[xPlizz]

Update : 214000 files scanned
1 file infected....

still scanning

 

[xPlizz]

Until the experts get here, run a full virus scan
Malwarebytes' Anti-Malware: Malwarebytes

Download and scan with malwarbytes. Run the full scan. It takes about 90 minutes, be sure to update before the scan.
Post the results, here.

Yes, but this will give us a good idea of what we are up against, and how big a hammer we need to bring in next. There are viruses that are almost undetectable, viruses that close your virus scanner as soon as it starts, and ones that edit log files before you can upload them to us. It does not sound like you have one of these, but if you do, there are very special tools available to deal with them. Part of the learning to be done is using the right tools at the right times, understanding the logs, and then getting rid of the virus. That is why we need to hand you over to an expert who has a Degree in Malware Removal and all of these complexities. She will have spent several months in intensive training. There is so much to learn nowadays, that a modern Malware Removal Degree takes about 8 months.

Richard

Wow Impressive

I like your yin yang image :D
so far scanned 62000 files nothing found yet

Thank you! Even if no infects show up, it does not necessarily mean that you have no infection. Please stay with us until we give you the all clear. It could also, possibly, be caused by a dying hard disk drive, though first I think we should check for infection, as that "free offers from freeze.com" does not sound completely innocent.

okay so these are the scan results , i set up the scanner in my language but i guess you can kinda know what is said

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Databaseversie: 4550

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18928

5/09/2010 20:26:08
mbam-log-2010-09-05 (20-26-08).txt

Scantype: Volledige scan (C:\|D:\|)
Objecten gescand: 481257
Verstreken tijd: 3 uur/uren, 7 minuut/minuten, 29 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 10

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
C:\Users\Christel\Desktop\Keanu's Files\Sony Vegas Keygen Uploaded by_SpecialDownloads.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
D:\Backup_PC1\Documents\Documents mammie\De Mammie\Local Settings\Temporary Internet Files\Content.IE5\3XVE02EF\nav_nmbs[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
D:\Backup_PC1\Documents\Documents mammie\De Mammie\Local Settings\Temporary Internet Files\Content.IE5\49IBSH23\3[3].jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
D:\Backup_PC1\Documents\Documents mammie\De Mammie\Local Settings\Temporary Internet Files\Content.IE5\7DHUA570\bgNavTopOverTelenet[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
D:\Backup_PC1\Documents\Documents mammie\De Mammie\Local Settings\Temporary Internet Files\Content.IE5\7DHUA570\footer[1].jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
D:\Backup_PC1\Documents\Documents mammie\De Mammie\Local Settings\Temporary Internet Files\Content.IE5\AKI3GQOB\bgNavTopProfessioneel[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
D:\Backup_PC1\Documents\Documents mammie\De Mammie\Local Settings\Temporary Internet Files\Content.IE5\G19S1V2M\icon_alert[1].jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
D:\Backup_PC1\Documents\Documents mammie\De Mammie\Local Settings\Temporary Internet Files\Content.IE5\L1R3FODE\icon_solli[1].jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
D:\Backup_PC1\Documents\Documents mammie\De Mammie\Local Settings\Temporary Internet Files\Content.IE5\ZZYI233G\bgNavTopThuis[1].png (Extension.Mismatch) -> Quarantined and deleted successfully.
D:\Backup_PC1\Downloads\ChickenInvaders2Setup-dm.exe (Adware.TryMedia) -> Quarantined and deleted successfully.

 

[niemiro]

Don't worry, I know what all the sections are. Jacee should come by soon.

Richard

 

[Jacee]

Hi xPlizz,
Download Combofix from any of the links below, and save it to your desktop.<--Important
Link 1
Link 2
Link 3

Click on this link Here to see a list of programs that should be disabled.
The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
Next: Please disable all onboard security programs (all running with back ground protection) as it may hinder the scanner from working.
This includes Antivirus, Firewall, and any Spyware scanners that run in the background.

• Double click combofix.exe and follow the prompts.
• When finished, it will produce a log for you. Post that log and a HiJackthis log in your next reply

Note: Do not mouseclick combofix's window while its running. That may cause it to stall
Please be patient while the scan runs, at times it may appear to stall.
When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
Post this log in your next reply together with a new hijackthislog.
After rebooting ensure your Security applications have been re-enabled.

In your next reply post:
ComboFix.txt

***A guide and tutorial on "How to use Combofix" can be found here:
A guide and tutorial on using ComboFix