 |  |  |  |  |  |  |  |
Virus alert!!!!!!!!!!!
 |
Hi anyone else been hit by this massive virus that takes over admin. duties on your cpu? I got most of the bad stuff out with Nortons and spyware doctor. But can seem to get full control of my cpu like I cant go into my program files or my hard drives or even just my screensavers. Need help bad. anyone face this monster? Thanks
Did it change your desktop telling you to 'click here to remove virus'.....that is the one I battled for a while. I ran norton 360, then trend micro house call to finally be rid of it. But is sounds like the same thing....you might also need to run reg cure, or reg fixer afterward.....good luck!
"If we never take time, how can we have time?" --Merovingian~The Matrix
Intel Quad Core2 Ext. QX6700;GeForce 8800 GTX 768MB
3gig Corsair DDR3 1800 w/heatsink;500GB HD x2;BigWater 760i
Intel Quad Core2 Ext. QX6700;GeForce 8800 GTX 768MB
3gig Corsair DDR3 1800 w/heatsink;500GB HD x2;BigWater 760i
•
•
Join Date: May 2005
Posts: 3,204
Reputation: 
Solved Threads: 188
This will clean some generally attacked sites in your machine and reset to defaults some files and registry data...
==Download SDFix from here: http://downloads.andymanchesta.com/R...ools/SDFix.exe
and save it to your desktop. Dclick SDFix.exe and choose Run to extract it to %systemdrive%, which commonly will be C:\
** ==Download this temp file cleaner from http://www.atribune.org/ccount/click.php?id=1 --click in the download window to run it, and when ATF Cleaner opens go Select all, and then Empty Selected.
Next click Firefox [if you have that browser..] at the top, Select All again, and Empty Selected again. Follow that procedure also if you have Opera.
Close ATF. Run ATF in any other accounts.
=You must restart your computer in Safe Mode:
- press F8 several times while POST is running and before IDE detection completes.
- On the Windows Advanced Options Menu, select Safe Mode and press Enter.
- When the Boot Menu appears again, select Microsoft Windows XP and press Enter.
- Log in by using the Administrator account and password. NOTE: The password is blank by default unless you set a password.
=Open the extracted SDFix folder, C:\SDFix and double click RunThis.bat to start the script. Type Y to begin the cleanup.
You will be prompted to press any key to Reboot - the pc will then restart.
The tool will run again and complete the removal process then display Finished; press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
Restart the pc in normal mode. Post the contents of the file Report.txt here, along with the log of a fresh hijackthis scan run in normal mode.
==Download SDFix from here: http://downloads.andymanchesta.com/R...ools/SDFix.exe
and save it to your desktop. Dclick SDFix.exe and choose Run to extract it to %systemdrive%, which commonly will be C:\
** ==Download this temp file cleaner from http://www.atribune.org/ccount/click.php?id=1 --click in the download window to run it, and when ATF Cleaner opens go Select all, and then Empty Selected.
Next click Firefox [if you have that browser..] at the top, Select All again, and Empty Selected again. Follow that procedure also if you have Opera.
Close ATF. Run ATF in any other accounts.
=You must restart your computer in Safe Mode:
- press F8 several times while POST is running and before IDE detection completes.
- On the Windows Advanced Options Menu, select Safe Mode and press Enter.
- When the Boot Menu appears again, select Microsoft Windows XP and press Enter.
- Log in by using the Administrator account and password. NOTE: The password is blank by default unless you set a password.
=Open the extracted SDFix folder, C:\SDFix and double click RunThis.bat to start the script. Type Y to begin the cleanup.
You will be prompted to press any key to Reboot - the pc will then restart.
The tool will run again and complete the removal process then display Finished; press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
Restart the pc in normal mode. Post the contents of the file Report.txt here, along with the log of a fresh hijackthis scan run in normal mode.
Deep, deep in the woods, but walking about.
•
•
Join Date: Jan 2007
Posts: 3,210
Reputation:
Solved Threads: 165
•
•
•
•
Originally Posted by itdupuis 
Did it change your desktop telling you to 'click here to remove virus'.....that is the one I battled for a while. I ran norton 360, then trend micro house call to finally be rid of it. But is sounds like the same thing....you might also need to run reg cure, or reg fixer afterward.....good luck!
Daylight-saving time uses more gasoline
•
•
•
•
Originally Posted by MidiMagic
Where are these?
If you go to the Trend Micro website, you can access their free online tool named "house call". It is a good one to run......Norton 360 is a bought software set, and do a search online for a registry cleaner or fixer, and you can choose which one is best for you. Let me know if you have any questions.....Have a great day!
"If we never take time, how can we have time?" --Merovingian~The Matrix
Intel Quad Core2 Ext. QX6700;GeForce 8800 GTX 768MB
3gig Corsair DDR3 1800 w/heatsink;500GB HD x2;BigWater 760i
Intel Quad Core2 Ext. QX6700;GeForce 8800 GTX 768MB
3gig Corsair DDR3 1800 w/heatsink;500GB HD x2;BigWater 760i
I have found a "Cocktail" solution that has proven to be very affective for me. At the university helpdesk I cover, we have students bring in machines with more crap on them than you can imagine.
I can't take credit for this, but I do champion this approach.
There are four programs you will need. It's late and I'm rushed, so I apologize for not posting the urls to them. Get these four programs and have them in a folder on your flash drive so you can just drop it on the desktop of the hosed computer.
1. ComboFix This is one of the best programs I have ever found. Though some of the latest crapware can bypass it, I still start with it. ComboFix must have been written by one of the best hackers in the world. The program will expire after a week and you have to re-download it again. IF expired it will delete itself or it will spoof a virus for the AV to get it. Genius.
2. SuperantiSpyware (this is also on the Ultimate Boot CD).
3. CCleaner
4. Malwarebytes Antimalware program.
Now, with the folder on the hosed computer, Run ComboFix first. It will kill Explorer, reset the clock and couple of other things. It may require a reboot also. Just stand back and don't touch the computer until you see the Text Log.
Install CCleaner, but don't run it.
Next install & update SuperantiSpyWare. Run it and it will need to reboot.
If you get a blue screen, boot safe mode and run CCleaner.
After running Super, now install, update and Run Antimalware program.
This will cure what ales you, at least it does for 99%+ for me.
Good Luck!
~td99
I can't take credit for this, but I do champion this approach.
There are four programs you will need. It's late and I'm rushed, so I apologize for not posting the urls to them. Get these four programs and have them in a folder on your flash drive so you can just drop it on the desktop of the hosed computer.
1. ComboFix This is one of the best programs I have ever found. Though some of the latest crapware can bypass it, I still start with it. ComboFix must have been written by one of the best hackers in the world. The program will expire after a week and you have to re-download it again. IF expired it will delete itself or it will spoof a virus for the AV to get it. Genius.
2. SuperantiSpyware (this is also on the Ultimate Boot CD).
3. CCleaner
4. Malwarebytes Antimalware program.
Now, with the folder on the hosed computer, Run ComboFix first. It will kill Explorer, reset the clock and couple of other things. It may require a reboot also. Just stand back and don't touch the computer until you see the Text Log.
Install CCleaner, but don't run it.
Next install & update SuperantiSpyWare. Run it and it will need to reboot.
If you get a blue screen, boot safe mode and run CCleaner.
After running Super, now install, update and Run Antimalware program.
This will cure what ales you, at least it does for 99%+ for me.
Good Luck!
~td99
Last edited by tripperdan99; Jul 26th, 2008 at 5:45 am. Reason: typo
Most people are on a journey to nowhere in particular and are shocked when they eventually realize they've arrived there.
---- Chris Green
---- Chris Green
yes,anti malware and super anti spyware are the best. i had this virus yesterday and i got rid of it in less than 30 minutes
Thx all for the help. I succeeded in getting rid of that dreadful virus. You all were extremely helpful. Hopefully wont have to bother you about this again. THANK YOU 
Had this virus last night. Thought I would loose all files and even the harddrive. NEVER seen such a nasty virus. Took TOTAL control of my computer. All the solutions on this thread combined help save the day (and my computer). THANK YOU to all that gave solutions (and asked the original question). I have bookmarked this site for all time!
|
Similar Threads
- Virus Alert! icon in the Notification Bar <<HELP>> (Viruses, Spyware and other Nasties)
- Virus alert! icon in sytem try maybe spyfalcon (Viruses, Spyware and other Nasties)
- Virus Alert Icon in System Tray HELP! (Viruses, Spyware and other Nasties)
- virus alert notification icon (help) (Viruses, Spyware and other Nasties)
- I get a "virus Alert" in toolbox (Viruses, Spyware and other Nasties)
- Virus alert notification (Viruses, Spyware and other Nasties)
- Virus ALert! (Viruses, Spyware and other Nasties)
Other Threads in the Windows NT / 2000 / XP Forum
- Previous Thread: Problem with repairing Windows
- Next Thread: invalid directory error
| Thread Tools | Search this Thread |
Latest Windows NT / 2000 / XP Posts
- Today's Posts
- Unanswered Threads
Related Forum Features
Tag cloud for Windows NT / 2000 / XP
.net 3.5 3daccelertion 2010 alaris application appstore audio auto black blue bluescreen book bulletin cellphones chkdsk collaboration computer crash deployment deployments desktop dns domain dotnetnuke drive dual error errors explorer features folder fontmanagers format hardware internet interoperability killprocess laptop laptops latitude lcd linux load login mac markshuttleworth memory microsoft minimalizes mobile monitor motionle1600 netbooks novell open operatingsystems oracle osx outlook partition product proxy rds remotedesktopconnection replacingraiddrive retail retrieve rootkit screen security simplifiedchinese slowperformance sp1 sp3 spyware technology ubuntu uninstall update usb verizon videogames virtual virus vista visual wab webos weecam win win32/heur window windows windows7 windowsxp windowsxpnotstartingup. worm xp xpde
