• Folks, if you've recently upgraded or renewed your annual club membership but it's still not active, please reach out to the BOD or a moderator. The PayPal system has a slight bug which it doesn't allow it to activate the account on it's own.

Need some help getting rid of virus...

S

saltwater4life

Hey guys,
I am having some problems with virus/spy-ware and having problems getting rid of them...

So yesterday i was on a forum that i was looking at for help with my school homework. So i was on this site about an hour or more then i ate and came back, As soon as i came back i noticed it was frozen... it took a few minutes before anything happend then my wallpaper went to the black with flashing warning message about virus and stuff... And a new icon in the tray bar, little red ball with an X in the middle, Kept showing a little pop up saying i had a virus and i clicked on it took me to some site i forget what but it was a virus remover site. I exited the window and went to use our virus scanner Norton...(Yes i know it's not good) it never found anything after about 150k files so i went and downloaded AVAST and ran that asap as soon as it started it started finding stuff, It then said it needed to restart the computer and scan on reboot. So i found about 5-10 Trojan files and a bunch of other stuff... so after the scan it started up. I was hoping to see everything back to normal but it still showed the background and little message in the tray bar... Anyone know what to do? I've ran the reboot scan again and found some more stuff but it's still saying theirs more?
Also i noticed task manager was disabled when i would alt ctrl delete And i can't change the wallpaper...

Any ideas would be greatly appreciated

Thank you,
~Nick
 
S

saltwater4life

Alright I'll try that, I just realised that there were a bunch of files that i though i deleted in the quarantine for the scanner so i deleted those and i'm scanning again to see if it's all gone now.
 
H

Hirobo

saltwater4life said:
Alright I'll try that, I just realised that there were a bunch of files that i though i deleted in the quarantine for the scanner so i deleted those and i'm scanning again to see if it's all gone now.
Click to expand...

If the machine is acting like it still has a virus and you have files in quarantine they will not be the problem once files are put into there they are tagged on the bit level as unreadable or writable so the virus can not be activated from files in quarantine. what you need to do is to turn off system restore reboot into safe mode without network support as most viruses out there today re write your dns cache file and your lmhost file to point to their site run combofix here is a link on how to use it http://www.myantispyware.com/2007/10/08/combofix-another-free-anti-spyware-tool/ good luck
 
S

saltwater4life

Ok thanks,
I'm just wondering about the scanning in safe mode verse scanning before any loads? I mean the reboot scan happens i think before the window with the option to start in safe mode. So wouldn't it be kinda the same or not?
 
H

Hirobo

saltwater4life said:
Ok thanks,
I'm just wondering about the scanning in safe mode verse scanning before any loads? I mean the reboot scan happens i think before the window with the option to start in safe mode. So wouldn't it be kinda the same or not?
Click to expand...

The scan happens after the option to start in safe mode. when you see the windows xp logo, it is loading your profile registry setting etc etc the combo fix disables all of that and re-writes the dns zones and lmhost file it is one of the best virus fixes i have used in quite some time I use it in an office of 80 people and 25 servers
 
S

saltwater4life

Hirobo said:
saltwater4life said:
Ok thanks,
I'm just wondering about the scanning in safe mode verse scanning before any loads? I mean the reboot scan happens i think before the window with the option to start in safe mode. So wouldn't it be kinda the same or not?
Click to expand...

The scan happens after the option to start in safe mode. when you see the windows xp logo, it is loading your profile registry setting etc etc the combo fix disables all of that and re-writes the dns zones and lmhost file it is one of the best virus fixes i have used in quite some time I use it in an office of 80 people and 25 servers
Click to expand...
Ok i see, I guess i'm going to have to try it because i keep doing these scans get rid of everything it finds then i restart it and it's all back... everything's fixed til i restart it...
So this won't mess anything up besides the viruses right? :) Wasn't sure when you said rewhite...
Thanks again!
Thanks cmsurf I'll try that if Hirobo one doesn't work. Which hopefully will get rid of this crap... It's so annoying...

Btw idk this is the pop up i was talking about... right after the message in the right hand corner pops up that site comes up... Not sure if this is the same one but i read their is something that makes you have these fake alerts and websites like these... Any idea? Can't see Microsoft making this their recommended spy ware remover?

viruswarningwalpaperscreen.jpg
 
H

Hirobo

it's to late to make a recovery disk now you will just copy the virus to it and re-infect your machine. just run the combofix and let it do it's thing it works
 
S

saltwater4life

Man it won't run, keeps getting changed to ComboFix[1].exe and gives me an error... I've looked for another file named combofix and nothing comes up...
 
H

Hirobo

saltwater4life said:
Yay i think everything's fixed :)
Thank You Hirobo!
Only thing I've noticed is the Internet seems slower but might just be the site.
Click to expand...

Not a problem thats what i do for a living. ;D i would run it 2 more times in safe mode just to make sure. also run windows update and install any update you need
 
S

saltwater4life

Cool, :)
I'll be sure to do that. When i did scan with it, it wasn't in safe mode. I though it was going to be an installer at first or something but none the less still fixed the problem...
 
You must log in or register to reply here.
Top