OT! I need help!!!

[bsshog40]

I'm having to use my wife's PC right now. Mine got a trojan virus on it last nite. I have tried everything I could to get this out. I bought a spyware program that eliminated it, then it just came back. I've tried 3 others with the same results. I've tried to do a system restore to an earlier time on my PC but that never seems to work. Always tells me it can't be done. I'm at my wits end here ya'll. The virus seems to be in my c:\WINDOWS/ files. I'm thinking my last resort would be to re-format but I'm wondering also, with the location they are in if that would even work. I have Norton 2008 and it never detected the entry of this virus nor does it even find it. Any suggestions?? I can't afford to buy every spyware on the internet and like I stated, I've already had 2 that found the files, removed them, and then they came back in less than a minute. It's giving alot of Windows Security Messages, and also pops me to a spyware program web page. This is characteristic of this worm.

 

I don't know what to do next!!

[G-Myth]

buy a mac

 

 

[Revenant]

That sounds EXACTLY like the trojan I got about 6 months ago. Have fun. That one's a real person_without_enough_empathy.

[bsshog40]

buy a mac

 

 

Well I sure appreciate your help and respect! BTW, don't waste yours or my time making sarcastic posts if you have nothing worthwhile to say!!!!!!!

[EZ_E]

That sounds EXACTLY like the trojan I got about 6 months ago. Have fun. That one's a real person_without_enough_empathy.

 

What did you do to fix it?

 

Sorry to hear it, Bobby. People who create viruses should be emasculated!

 

I was going to suggest restoring to an earlier point but it didn't work for you. Now you can either reformat your computer or take it into a shop to maybe be fixed.

[EZ_E]

buy a mac

 

 

Bobby, I doubt that he was being sarcastic, just speaking the truth.

[bsshog40]

buy a mac

 

 

Bobby, I doubt that he was being sarcastic, just speaking the truth.

 

I've never owned a Mac and know nothing about them. Sorry, I'm just getting a little aggravated with this problem. I have been trying everything I know, (and I am pretty computer literate), and nothing is working.

[bsshog40]

That sounds EXACTLY like the trojan I got about 6 months ago. Have fun. That one's a real person_without_enough_empathy.

 

Can help me with what you did to fix it Rev??

[MunkyMan95]

You said it's advertising a spyware site? It sounds like Adware. Download and install an Adware remover and see if that helps.

[zrlevin]

You said it's advertising a spyware site? It sounds like Adware. Download and install an Adware remover and see if that helps.

 

It's free too, so it can't hurt to try.

[Revenant]

That sounds EXACTLY like the trojan I got about 6 months ago. Have fun. That one's a real person_without_enough_empathy.

 

Can help me with what you did to fix it Rev??

 

That sadly is part of the problem. I didn't fix it, my step-father, who is far better with technology than I am, fixed it for me.

 

However, IIRC, He found out the name of the file, re-started the computer in safe-mode to remove window's protection of that systems folder, changed the file's name to remove any remaining things that were trying to prevent its deletion and then he deleted the file. I think that worked. I know re-formating wasn't required.

 

Hope you get it fixed.

 

BTW, the reason you can't delete the file is that windows won't let you. That folder has all your main system files so Windows will always protect and restore whats in there. That's why virus creators like to seat viruses in there. To make them harder to get rid of by making the system protect whats trashing it.

[TomB]

What is the name of the malware? You should look into Adaware and Spybot Search & Destroy, both of which are free.

[G-Myth]

sorry if i offened you!

i was just making a suggestion!!

I gave up with dealing with PC BS years ago and have never had a problem since. Good Luck with your problem but most likely you will have to wipe the hard drive and reformat.

 

 

[bsshog40]

First off, I've already tried Adaware. Didn't work. I've even put my PC in safe mode to try to get to my task manager to stop it's process but it has that locked up too.

 

Rev, that sounds like the way to go if I could distinguish what the main file actually is. BTW, this thing was doing the same thing to my PC while it was in safe mode too.

[Revenant]

First off, I've already tried Adaware. Didn't work. I've even put my PC in safe mode to try to get to my task manager to stop it's process but it has that locked up too.

 

Rev, that sounds like the way to go if I could distinguish what the main file actually is. BTW, this thing was doing the same thing to my PC while it was in safe mode too.

 

There's Safe-mode and then there's Safe-mode w/ Networking disabled. If you disable networking then it takes the computer off any LAN connection. Without that connection the virus can't give you pop-ups.

 

There are online resources where you might be able to look up the file name.

[ant]

try shuting down and opening in safe mode. if you have a good scanner you can scan while in safe mode then when it deletes you restart in normal. usualy this works for viruses i get.

 

what are you running? xp,vista...

[James_OldeTowne]

buy a mac

Honestly, my next computer will almost certainly be a Mac. I'm sick and tired of MicroSoft.

 

AdAware works fantastic. Another step that might help a little is to begin using Mozilla FireFox so you at least have some protection against subsequent malware.virus invasions while you work on this one. MS IE (internet explorer) is simply garbage compared to FireFox.

 

Hope all goes well....

[EZ_E]

I thought that I was progressing pretty good along the PC learning curve but I've never heard of the "safe mode".

 

How do you access it?

[saen78]

I thought that I was progressing pretty good along the PC learning curve but I've never heard of the "safe mode".

 

How do you access it?

 

 

Restart your computer, By pressing the F8 key right when windows starts usually brings it up, then you will get a menu where you can choose to boot into safe mode.

[stinkycheese1]

Bobby, I believe I had this same trojan before. It would redirect me to other websites and I tried everything and couldn't remove it. AVG couldn't remove it, which is unusual. I had to download a program called windows malicious software removal tool to remove it. After that I had to download a special virus updater to keep my computer working, whenever it isn't turned on the computer has problems again.

[Revenant]

Bobby, I believe I had this same trojan before. It would redirect me to other websites and I tried everything and couldn't remove it. AVG couldn't remove it, which is unusual. I had to download a program called windows malicious software removal tool to remove it. After that I had to download a special virus updater to keep my computer working, whenever it isn't turned on the computer has problems again.

 

heh. Way to not completely solve the problem, Stinky.

[Coindude]

What's the name of the trojan?

[jesbroken]

Bobby,

Try this web page. This is Wellesley College who offer these steps to ID and irradicate viruses on your computer and not trying to sell you a program. At least if you follow all the steps it should hopefully identify your virus. I hope this helps.

Jim

 

Wellesley College

[bsshog40]

Thanks all. I'll try your link there Jim.

Victor, BTW, another way to start your pc in safe mode, (when I press F8 during boot-up, it doesn't give safe mode option), you can go to:

RUN- type in msconfig

Hit BOOT.INI tab

Put a check in the Safemode box, click ok, and it will ask you to restart.

 

You have to do the same procedure to go back to normal startup, only Uncheck the Safemode box.

[jgrinz]

First go to Microsoft and Get the "Malicious software removal tool" and run it

 

Second I have literally 4-5 Adware removal tools - They all do not do all of them.

 

The best setup I have found is ..

I run NORTON as a resident Program - Always running in the task bar

I run SPYNOMORE also in resident Mode - Always running in the task bar

 

These run all the time in the back ground.

 

I have Windows DEFENDER - Run Every 3AM to hunt and search for something that may have got through my firewall. ( Hardware ( Router ) and Software ( Windows Firewall )

 

Make sure you INTERNAL WINDOWS PROTECTION systems are turned ON

"FIREWALL" etc.

 

You have an adware problem ..., what is the name of the program it wants you to download "TO HELP YOU WITH THIS PROBLEM"

 

Then I can help you out a little more.

 

Good luck and PM me direct if you want

 

Windows Defender

http://www.microsoft.com/downloads/details.aspx?FamilyId=435BFCE7-DA2B-4A6A-AFA4-F7F14E605A0D&displaylang=en

 

SPYNOMORE

http://www.spynomore.com/

 

Winodws Malicious Software Removal Tool

http://www.microsoft.com/downloads/details.aspx?familyid=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en

 

 

 

 

[bsshog40]

I sure appreciate everyone's help here. You don't know how aggravated this was making me. Thanks to the Malicious tool link (Mike) this seems to have fixed the problem. I also went back in with my spyware program and was able to remove any remaining items that were left behind. (thumbs u

[bsshog40]

BTW, if anyone feels the need for a spyware program that's free and even removes the items without having to pay for it, here's a link spyware terminator

[Oldtrader3]

I had a similar Malware infection. As Tom said, try Spy-Bot, Search and Destroy, freeware. It stopped my Malware and made it go away.

[ant]

well on the Safe Mode mine is F10. but mine is vista and on start up at bottom of screen it shows options. try F9-F10 some computers are different in the F keys. not finding the right one wont mess with comp.

 

the start up screen is the BLUE screen that says windows. or you can tap the F button from shut down that way you know you were gitting it at right time of start up.

 

note: some scanners wont scan ALL files in SAFE mode but will get the system files. i have not had a problem with viruses since i baught Norton AV 360. it even forces me do backup the files after it has checked there is nothing there. i am not a mcfee fan

[DC Dawg]

Ok... now that amateur hour is over (and my lights and cable are working), please allow a professional to provide advice...

 

If you are having this problem where some malicious software (malware) keeps taking over your system. You need to rebuild your system. This means backup everything that is important, grab all of your configuration information (like what you need for your Internet connection), find those recovery disks, and rebuild the system.

 

NOTE: Some people will tell you that you should save the registry to recover the settings. DO NOT DO THAT! Some malware will store information in the registry. The idea is to clean things out, not put back the crud!

 

NOTE: None of the "security software" products are perfect. Even the best anti-virus system has a 90-95 percent success rate. This is well known in the information security industry. You do your best with what you have to work with. If you take precautions, you'll be Ok. Just hope that the one odd problems doesn't destroy your system. For Windows-based systems, the only reasonable way to recover when significant issues occur is to rebuild the system.

 

You need to start from scratch and rebuild from the original disks (you have those, don't ya?). When you do install the system, allow the installation software to format your hard disk. Run a full format, do not run a "quick format." Yes, this will wipe everything out. But if you are having problems that various tools cannot isolate, your best bet is to wipe everything out and start all over again.

 

Build the system, get it connected to the Internet, and run Windows Update. Don't worry about spyware, anti-virus, etc. at this point (you are only going to microsoft.com). Don't install any other program. Just run Windows update and let it install all of the security patches and update. Run Windows Update after each reboot until it runs without saying you have updates--some updates have dependencies on other updates that will not get recognized until those updates are installed.

 

Once you are fully up to date, reboot the system--even if Windows Updates does not install an update. You should load the other security software on a "clean" system. Then, install your anti-virus, anti-spyware/adware/whatever. Follow all directions including those that ask to reboot as well as connect to the Internet to find updates (you did save the license information, I hope).

 

After each installation, either run the anti-whatever software's full scan or allow it to as part of the installation. The reboot... start clean.

 

Before going any further, you need a firewall. Your anti-virus package may have come with one. If it did, use it. If you have a third-party product, use it. If you are running XP or Vista, you can use the builtin firewall. The firewall can be started from the Control Panel--select the "Security" icon from the list.

 

If you are not running XP or Vista or you want to run a third-party firewall, I highly recommend the free Zone Alarm (at www.zonealarm.com ). The free Zone Alarm and Spy Blocker Toolbar (from Checkpoint Software) are excellent tools. My office uses the enterprise version of Zone Alarm (now called Integrity Flex, but used to be called Zone Alarm Pro).

 

Now reload your software. If you are reloading Microsoft Office, do that first. Then run Office Update to ensure that you have all of the updates. Office Update is under the Start->Microsoft Office. If you did not load it (older version may not have this), run Windows Update--it will find the Office updates!

 

Reload your software and then recover your data from your backups. Once you are done, run a manual anti-virus scan (procedure is dependent on the AVS you use).

 

Depending on how much software and data you have to load, this will take 4-8 hours (or more).

 

When you finish, have a strong beverage of your choosing!

 

Good luck!

 

Scott