Hello, my PC got infected with WIN32: SOMOTO-J [PUP]. I got it in the virus chest, Windows runs very slow. Could someone guide me how to deal with this problem? :(:(:(
what was the name and full location of the file detected…
PUP = not a virus / Possible Unwanted Program … a program that can be good or bad if abused
usually this is crap that comes bundled with other downloads, like toolbars/adware
but also legit factory installed programs are classed as PUP bc of what they can do, so you need to know what it is before you take any action
googling a bit this seems to be some adware crap that comes with a download
https://www.virustotal.com/nb/file/47ed16bcf8ad37d53965c3fab1ecb7ed886a6167e497033e623791a682fba0c9/analysis/
http://www.sophos.com/en-us/threat-center/threat-analyses/adware-and-puas/Somoto%20BetterInstaller/detailed-analysis.aspx
Somoto BetterInstaller is an installer which bundles legitimate applications with offers for additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.
if you have this, you may have more crap since your computer is slow…
follow instructions here and run AdwCleaner and Malwarebytes http://forum.avast.com/index.php?topic=53253.0
post logs here…
Hi, it’s me again. My pass stopped working for email and forum, so I created a new account
and the rest of the logs, what's next?
aswMBR log
Please download zoek.exe and save it to your desktop.
- Close any open browsers.
- Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.
- Double click on zoek.exe to run the tool.
Please wait until the tool starts…
- Copy the text present inside the code box below and paste it into the large window in the zoek tool:
filesrcm;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
- Click on the button shown in this image: http://www.mcshield.net/personal/magna86/Images/Run%20Script%20by%20zoek.png
Please wait until a log report opens (this can be after a reboot).
- Save the Notepad file to your Desktop and attach zoek-results.log here.
Note: It will also create a log in the C:\ directory named “zoek-results.log”
I downloaded zoek.exe; at first Comodo blocked it, but as you asked I turned off all security programs. Then when I tried to launch it, it said I had no permission to run this file, so I checked what was going on and found zoek running in Task Manager.
Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.256.1
Locale ID: 1045
Additional information about the problem:
BCCode: 109
BCP1: A3A039D8974FF801
BCP2: B3B7465EE9CE331B
BCP3: FFFFF880009F0540
BCP4: 0000000000000002
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1
Files that help describe the problem:
C:\Windows\Minidump\082113-23712-01.dmp
C:\Users\ard\AppData\Local\Temp\WER-388848-0.sysdata.xml
Read our online privacy statement:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0415
If privacy statement online is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt
Is it just Comodo firewall or antivirus?
This way we will check what caused the BSOD.
Download WhoCrashed from here:
http://www.resplendence.com/download/whocrashedSetup.exe
This program will try to determine through analysis which driver is the cause of the error.
Note: This program requires installation.
Double-click to start the installation, and click Next.
- Check I accept the agreement and then click Next.
Install the program to the location and under the name that the installer offers.
- Click Next and in the next window, click Next.
- Check Create a Desktop Icon and then click Next and then Install.
After you’ve installed WhoCrashed program, run it.
Note: If you get a message that looks like this:
http://fotkica.com/thumbs2/117539_tmb_59577092_Who%20Crashed%20-%20Debuqqing.jpg
Click Download the requested file from the Microsoft site now and wait for the process to download the additional files and for the installation to complete.
When the program starts, click Analyze.
When scanning is done, click OK.
- Right-click on the area of the page with the report and select Select All.
- Right-click on the area of the page with the report and select Copy.
- Open a new Notepad and select Paste to copy the contents of the log into Notepad.
Now you can close the program.
Please attach the Notepad file with that log report here.
I got Comodo Internet Security Premium and Avast. I will remove Avast once I resolve this problem. Like I said, I got a few files in the Avast virus chest and I'm not sure if it is safe to delete them.
Welcome to WhoCrashed (HOME EDITION) v 4.02
This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution.
Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice.
This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. It will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems.
System Information (local)
computer name: ARD-S0
windows version: Windows 7 Service Pack 1, 6.1, build: 7601
windows dir: C:\Windows
CPU: AuthenticAMD AMD Athlon™ X2 Dual-Core QL-64 AMD586, level: 17
2 logical processors, active mask: 3
RAM: 2951135232 total
VM: 2147352576, free: 1914568704
Crash Dump Analysis
Crash dump directory: C:\Windows\Minidump
Crash dumps are enabled on your computer.
No valid crash dumps have been found on your computer
Conclusion
Crash dumps are enabled but no valid crash dumps have been found. It may be that there are problems which prevent crash dumps from being written out. Check out the following article for possible causes: If crash dumps are not written out.
In case your computer does experience sudden reboots it is likely these are caused by malfunctioning hardware, power failure or a thermal issue. To troubleshoot a thermal issue, check the temperature using your BIOS setup program, check for dust in CPU and motherboard fans and if your computer is portable make sure it’s located on a hard surface. Otherwise it’s suggested you contact the support department of the manufacturer of your system or test your system with a memory test utility for further investigation.
Check out the following articles for more information: Troubleshooting sudden resets and shut downs.
Read the topic general suggestions for troubleshooting system crashes for more information.
Note that it’s not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it’s suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
I will remove Avast once I resolve this problem. Like I said, I got a few files in the Avast virus chest and I'm not sure if it is safe to delete them.
The system can have only one antivirus.
Deleting Avast also deletes the virus.
WhoCrashed does not display the BSOD.