
I believe I have a virus

post #1 of 16
Thread Starter 
Sorry if I'm posting this out of place, however I do not know where else to post and I'm in a bit of trouble here.

You see, I was trying to download something. I double checked to see if it had viruses and both MBAM and Avira identified it as a virus-free file.

So, I opened it, and BAM. I now have viruses.

Files named "kqc, kqb, kqf, etc." were being created and it was quite problematic. Even a popup saying "You have won an iPod4, click OK below for details" popped up.

My first reaction towards it was to close my computer and enter in Safe Mode. I scanned my computer with MBAM and Avira. Twice.

MBAM picked up 10 viruses, and Avira picked up 1.

After rescanning and in much comfort, seeing that I no longer have a virus, I started in normal.

Just to be safe, I tried scanning again. Strange things happened upon start up though.

A pop up saying "Internet something blocked this file from opening something security" and double clicking my Avira tray icon it would say "onDblClick() fail".

But nonetheless, I am still able to open it using run.

Another strange thing was that I could not scan as an administrator. I had to do it normally. That didn't bother me too much though.

After a few minutes, the pop up opened with the same message. "iPod4 you have won ETC." I promptly opened my task manager and I saw a process called "kqf.exe" opened and in the description it says "Dr.Web's something Windows 2011".

After I ended that process, the pop up would disappear.

Again, I'm sorry if I'm posting this out of place, but I have nowhere else to turn.

Since you guys are most likely more tech savvy than me, I really do need your help.

Thank you,

-Beanie
post #2 of 16
Microsoft security essentials + safemode Malwarebytes = No virus.
post #3 of 16
Thread Starter 
Quote:
Originally Posted by SpeedNuggeT;12256280 
Microsoft security essentials + safemode Malwarebytes = No virus.

I've run Malwarebytes twice in safe mode with Avira. I still have the virus :(
post #4 of 16
Try Avast + Spybot Search & Destroy + Ad-aware
post #5 of 16
Quote:
Originally Posted by SpeedNuggeT;12256280 
Microsoft security essentials + safemode Malwarebytes = No virus.

Keep doing this. If you feel like you still have a virus, then keep doing this still.
    
post #6 of 16
Try downloading ComboFix. Run it in Safe Mode, alongside MBAM.

If neither works out, try getting Avira off of your machine, and installing the latest NOD32 from ESET. They have a free 30 day trial. I'm using the ESET Security Suite, and it's absolutely rock solid. Best $80 (for 2 years) that I have EVER spent.
post #7 of 16
Recommend you only use one AV at a time. Personally, after I get a virus I usually reinstall the OS. Found a keylogger before... Not fun.
post #8 of 16
Quote:
Originally Posted by SpeedNuggeT;12256280 
Microsoft security essentials + safemode Malwarebytes = No virus.

That's usually a good option for free defense. He does still need to get Avira off of there, before installing another AntiVirus.
Quote:
Originally Posted by Beanie;12256289 
I've run Malwarebytes twice in safe mode with Avira. I still have the virus :(

Avira won't get rid of it clearly. MBAM is picking stuff up, but not getting it fully off of there. Again, try ComboFix out in safe mode. I've had that remove some NASTY stuff before.
Quote:
Originally Posted by Diabolical999;12256297 
Try Avast + Spybot Search & Destroy + Ad-aware

Avast is garbage these days. Spybot is a good idea to try too though. Ad Aware won't touch anything that MBAM can do though.

I'm serious though, try ComboFix, Spybot, more MBAM, more ComboFix, and maybe try MSE or NOD32 instead of Avira. I'd vote NOD32 first though.
post #9 of 16
Thread Starter 
Quote:
Originally Posted by pioneerisloud;12256321 
That's usually a good option for free defense. He does still need to get Avira off of there, before installing another AntiVirus.



Avira won't get rid of it clearly. MBAM is picking stuff up, but not getting it fully off of there. Again, try ComboFix out in safe mode. I've had that remove some NASTY stuff before.



Avast is garbage these days. Spybot is a good idea to try too though. Ad Aware won't touch anything that MBAM can do though.

I'm serious though, try ComboFix, Spybot, more MBAM, more ComboFix, and maybe try MSE or NOD32 instead of Avira. I'd vote NOD32 first though.

I would love to use Nod32, however the issue with it ATM is that I do not have the money.

Also, I'll try ComboFix, Spybot, and more MBAM.

I'll get back to you tmr on the details.


EDIT: IMPORTANT: ComboFix is extremely powerful. You should not run ComboFix.exe unless you are asked to by a trained helper.

What?
Edited by Beanie - 2/4/11 at 2:11am
post #10 of 16
Quote:
Originally Posted by dudenell;12256304 
Recommend you only use one AV at a time. Personally, after I get a virus I usually reinstall the OS. Found a keylogger before... Not fun.

This is exactly why I hate getting a virus. You run all these programs but things just don't feel the same anymore. Now I usually end up reinstalling the OS too. PITA but hey...