need help getting rid of malware

zuth

Hello everyone,
I recently started getting some errors in various places and antivirus notifications about some files that were quarantined immediately.
Then I found out my firewall (Windows) is turned off and can't be turned on again; when trying to do so I get 'error code 0x8007042c'.
I tried turning it on manually through 'Services' and got another error.
I ran scans with both Malwarebytes and Ad-Aware; they removed some malicious files.
Yet I still can't turn on my firewall and I still get antivirus notifications such as: "a variant of Win32/Olmarik.AVQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Windows\System32\svchost.exe"
Now that I keep Malwarebytes running I also get a message from time to time that it "successfully blocked access to a potentially malicious website".

So I guess that my system is not yet clean even though scans come up with nothing.
I'm grateful for any advice on that matter.
 

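The error code in the post above can be decoded mechanically: 0x8007042c is a Win32-facility HRESULT wrapping error 1068 (ERROR_SERVICE_DEPENDENCY_FAIL), meaning a service that the firewall depends on did not start. The PowerShell below is an added example, not part of the thread: it decodes the code and walks the dependency chain of the Windows Firewall service (MpsSvc) to show which dependency is stopped or disabled. The function names are made up for illustration, and Windows PowerShell 3.0 or later in an elevated prompt is assumed.

```powershell
# Added example (not from the thread). Function names are illustrative.

function ConvertFrom-HResult {
    # Split an HRESULT such as '0x8007042c' into its facility and code fields.
    param([Parameter(Mandatory = $true)][string]$Hex)
    $value    = [int64][Convert]::ToUInt32($Hex, 16)
    $facility = ($value -shr 16) -band 0x1FFF
    $code     = [int]($value -band 0xFFFF)
    # Facility 7 (FACILITY_WIN32) means the low 16 bits are a Win32 error code.
    $text = if ($facility -eq 7) {
        (New-Object System.ComponentModel.Win32Exception -ArgumentList $code).Message
    } else { '' }
    [pscustomobject]@{ Facility = $facility; Code = $code; Message = $text }
}

function Get-ServiceChain {
    # Emit one row per service, then recurse into the services it depends on.
    param([Parameter(Mandatory = $true)]$Service, [int]$Depth = 0, [hashtable]$Seen = @{})
    if ($Seen.ContainsKey($Service.ServiceName)) { return }
    $Seen[$Service.ServiceName] = $true

    # A dependency whose service entry has been deleted throws on access.
    try   { $status = $Service.Status; $deps = $Service.ServicesDependedOn }
    catch { $status = 'Unavailable';   $deps = @() }

    # The configured start type lives in the service's registry key.
    $key   = "HKLM:\SYSTEM\CurrentControlSet\Services\$($Service.ServiceName)"
    $start = (Get-ItemProperty -Path $key -Name Start -ErrorAction SilentlyContinue).Start
    $names = @{ 0 = 'Boot'; 1 = 'System'; 2 = 'Automatic'; 3 = 'Manual'; 4 = 'Disabled' }
    $mode  = if ($null -eq $start) { '(no registry key)' } else { $names[[int]$start] }

    [pscustomobject]@{ Depth = $Depth; Name = $Service.ServiceName; Status = $status; Start = $mode }
    foreach ($dep in $deps) {
        Get-ServiceChain -Service $dep -Depth ($Depth + 1) -Seen $Seen
    }
}

ConvertFrom-HResult '0x8007042c'

# List only the links in the chain that are not healthy.
Get-ServiceChain -Service (Get-Service -Name MpsSvc) |
    Where-Object { $_.Status -ne 'Running' -or $_.Start -in 'Disabled', '(no registry key)' } |
    Format-Table -AutoSize
```

An empty table from the second command means every service in the chain is running and none is disabled.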

Download, install and update Malwarebytes' Anti-Malware as advised by seavixen32.

Click on the Start orb and type 'msconfig'. Under the Boot tab, select Safe Boot - Minimal. Click 'Restart' on the prompt. Once you have booted successfully, open Malwarebytes and do a full scan.

OR

Restart your PC, hold down the F8 key to bring up the Advanced Boot Options screen and choose Safe Mode with Networking. Once you have booted into that option successfully, open your browser then download, install and update Malwarebytes and perform a full scan.

You might want to try other on-demand scanners:
Hitman Pro
SUPERAntiSpyware
 

now that I keep Malwarebytes running I also get a message from time to time that it "successfully blocked access to a potentially malicious website"

Hi,

The above behaviour is normal for the resident version of Malwarebytes - it appears to be working as per design.

Regarding your firewall, what antimalware software (aside from Malwarebytes) are you currently using? Perhaps it has its own version of a firewall, such as many anti-virus suites, which turn off the Windows Firewall.

Regards,
Golden
 

AFAIK MBAM works best in normal mode rather than Safe Mode. If MBAM is not completely removing the malware, then give Hitman Pro and Dr. Web CureIt a go. These three combined should solve the problem completely. Even if this combo fails, then burn a Kaspersky rescue disk and do a scan with the rescue disk. That should solve your problem.
 

Thanks for the confirmation Seavixen32 :)
 

You're welcome Gautam. I'm always concerned about giving wrong advice as it can be worse than no advice at all.
 

Wow, thanks for all the replies :)
First off, just to set things straight, I ran Malwarebytes both in safe mode and normal,
and I also ran the Windows Malicious Software Removal Tool, which found nothing.

@Golden - I'm currently not using any software aside from Malwarebytes, and my antivirus is NOD32, which I don't believe is causing this; it didn't do anything like this up until now.

I'm gonna give Hitman Pro and Dr. Web CureIt a go and report back.
 

Reporting back, with good news (hopefully) :)
I just gave HitmanPro a go, rebooted and my firewall is back on :D
Also, I have had no alarming messages yet (in this short time period) from either NOD32 or Malwarebytes,
so, hoping I'm not speaking too soon, but it seems I got rid of this annoyance for now :D
Many thanks to everyone for their support, will let you know if anything changes.
 

You need to change all your passwords, using a known "clean" computer. Don't use the one that has/had the infection.

See this article about the Win32/Olmarik.AVQ trojan: "Cannot Uninstall Win32/Olmarik.AVQ - Win32/Olmarik.AVQ Virus Manual Removal" (threatremoval)

Win32/Olmarik.AVQ Description

Win32/Olmarik.AVQ is a destructive Trojan parasite which may occupy system resources and slow down computers. When infected by Win32/Olmarik.AVQ, you may find that certain files have gone missing from your hard disk or that your system is acting sluggish—or failing to start at all. You might even discover that Win32/Olmarik.AVQ can open up firewalls and allow remote hackers to access your computer without any permission or knowledge, which will enable the malicious hijackers to trace your web browser record and further steal your personal confidential information like credit card number and all kinds of passwords of your accounts. The problem with this stubborn virus is that there is no change/remove option in Add/Remove Programs. Win32/Olmarik.AVQ hides deep in registry entry and system files that pose a big threat to your PC and it’s necessary for you to terminate this bug quickly once detected.
 

You don't need Dr. Web CureIt by the way. It's already integrated into Hitman Pro. :D
 

Good to know Hitman Pro took care of your problem. Please change all the passwords as Jacee advised. Report back if you still have a problem; we are all here to help. :)
 

Thanks Francis, I didn't know that re Dr Web - always pick up good tips in here :)

Zuth, if it is of any help too mate, I run KIS2012 and it does not like MBAM running in full version - I cannot speak for NOD - and I just run the free version with its scan settings as thus, or else my KIS goes ape :geek:
 

Attachment: CaptureMBAMXX.PNG
