Annoying virus - Please help !
Discussion
Ok it is not a virus because it doesn't self replicate, it is malware.
If you are scanning your pc without killing the process you are pissing in the wind, get rkill and run it, you may have to run it a few times before it kills it then run malwarebytes, then download ad-aware and update it and run it, that should clear it.
you should be able to get in safe mode you probably are not catching the 2 second window.
Anyhow this malware is written by a 4 year old so the above steps should remove it.
If you are scanning your pc without killing the process you are pissing in the wind, get rkill and run it, you may have to run it a few times before it kills it then run malwarebytes, then download ad-aware and update it and run it, that should clear it.
you should be able to get in safe mode you probably are not catching the 2 second window.
Anyhow this malware is written by a 4 year old so the above steps should remove it.
I had to "fix" something similar a few weeks ago, pop ups that look like the MS warning from the taskbar, taskmanager locked out, and the guy who owned the laptop wasn't about either, so on a guest account.
he got a recovery console format instead!
combofix is pretty good at removing the awkward ones
he got a recovery console format instead!
combofix is pretty good at removing the awkward ones
Edited by TheEnd on Saturday 28th August 01:51
try Hirens boot CD
http://www.hirensbootcd.net/download.html
http://www.hirensbootcd.net/download/Hirens.BootCD...
download it , unpack it (on another PC) and burn it onto a CD using the executable in the zip file.
Then put it in your CD drive and turn the PC on it should boot from the CD
Choose to run mini windows XP
and in the system tray will be hirenscd tools app select what you want off there
it has malware bytes , super anti spyware etc.
the advantage of using the boot CD is that your hard drive is effectively inert and there is no malware running, so it is easier for the AV tools to clean the hard disk
http://www.hirensbootcd.net/download.html
http://www.hirensbootcd.net/download/Hirens.BootCD...
download it , unpack it (on another PC) and burn it onto a CD using the executable in the zip file.
Then put it in your CD drive and turn the PC on it should boot from the CD
Choose to run mini windows XP
and in the system tray will be hirenscd tools app select what you want off there
it has malware bytes , super anti spyware etc.
the advantage of using the boot CD is that your hard drive is effectively inert and there is no malware running, so it is easier for the AV tools to clean the hard disk
Egg Chaser said:
Sheets Tabuer said:
Which version of windows do you have?
how old is your pc, is it a usb keyboard?
Windows XP and a wireless usb keyboardhow old is your pc, is it a usb keyboard?
Sheets Tabuer said:
I now run IE if I have to use it in a programme called sandibox, that isolates the IE process and won't let things that run in IE run on your PC.
Interesting, but it is actually called Sandboxie.Link: http://www.sandboxie.com/
bigdods said:
Egg Chaser said:
Sheets Tabuer said:
Which version of windows do you have?
how old is your pc, is it a usb keyboard?
Windows XP and a wireless usb keyboardhow old is your pc, is it a usb keyboard?
![confused](/inc/images/confused.gif)
Aye, this one's a pain in the arse. I had it the other week. It puts something in your registry controlset settings or Windows\CurrentVersion\Run to start itself up when you start windows. You can fix it yourself if you can remove that when in safe mode.
After that it sets IE to use a proxy (which is the malware app) which is why you can't access the internet.
Once you've fixed your registry in safe mode, remove the file that it pointed to while in safe mode, startup normally, sort out the proxy setting in IE then download a suitable anti malware app and do a full scan.
Mike
After that it sets IE to use a proxy (which is the malware app) which is why you can't access the internet.
Once you've fixed your registry in safe mode, remove the file that it pointed to while in safe mode, startup normally, sort out the proxy setting in IE then download a suitable anti malware app and do a full scan.
Mike
Is it AV Security suite?
http://www.bleepingcomputer.com/virus-removal/remo...
It was a PITA for me to remove but got there with above guide.
As above I'm sure you will need to plug an older keyboard(ps/2?) in to pc in order for it to be recognized straight away to hit F8
http://www.bleepingcomputer.com/virus-removal/remo...
It was a PITA for me to remove but got there with above guide.
As above I'm sure you will need to plug an older keyboard(ps/2?) in to pc in order for it to be recognized straight away to hit F8
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff