Tuesday, June 28, 2016

Stubborn Viruses part 1


heaumanepunk

I've been trying real hard to get rid of a virus, or should I say a couple. I've managed to find and remove some viruses using Forefront Client Security, Spyware Doctor with Anti-Virus, and Malwarebytes; Ad-Aware has been used too. Full scans.

I've been at it for multiple days but my laptop still has signs of infection, for example not being able to get into the Windows Update website, Forefront won't update, giving me an error 0X8007efe, and sometimes I get redirected to a website I did not want to visit. I've manually removed some fake anti-virus software but still have problems. I've stopped my computer from crashing by removing the fake AV but, like I said, I'm still frustratingly getting these problems. I really don't want to do a fresh install since I don't have a CD.

Can anyone help with these problems, or maybe one of them? Please and Ty in advance.

-Heau



thathagat

give these three a spin...

hitman pro
dr web cure it
sas

Wishmaster

Is it not able to scan, or coming up with nothing?

Have you tried running malwarebytes in Safemode?

Another option:
http://security.symantec.com/sscv6/WelcomePage.asp

Tews

I don't suppose you have any backups that you can restore from?

heaumanepunk

Ty for your quick responses. I will look into the programs u recommended. Ty. Hoping they're free. lol

Actually no I haven't and I was actually thinking about it after I had posted, but I did run Forefront in safemode. I will try to scan in safemode, Thnx again.

I'll keep this thread posted.

DirtRider

Let us also know what virus it was if you do find it.

whs

It is my experience that in a case like yours the most efficient approach is to reinstall (as I assume that you do not have any images). There are viruses that damage your system such that you cannot correct the damage even if you succeed in getting rid of the virus.
So I suggest that you save your data and, if possible, have those folders scanned on-line, just to be on the safe side ( Popular online virus scanners ). Note: #14 is excellent. Then reinstall from the recovery partition or installation disk.
For the future, I recommend you image, image, image - e.g. with this program: Imaging with free Macrium

Wishmaster

Quote: Originally Posted by whs
For the future, I recommend you image, image, image - e.g. with this program: Imaging with free Macrium
I couldn't agree more.
It very well may come to a clean install or re-image, I know I would.

Although I personally prefer Acronis, I cannot tell you how many times a System Image has been a huge benefit to me.


In addition to the advice whs has given:
I would also recommend that, if you do a clean install, as soon as you're up and running you activate Windows and make a clean system Image right then, with whichever program you prefer.

This way, worst case scenario, you ALWAYS have a clean Image of the OS disk, that's already activated, with nothing installed, in case you wish to start fresh.

You can then save that Image to a DVD, external drive, or whatever. Just keep it somewhere safe.

cbs362

Quote: Originally Posted by thathagat
give these three a spin...

hitman pro
dr web cure it
sas
If those 3 programs don't help, try a bootable CD, which is able to search for and get rid of viruses. These kinds of CDs are available from many security companies:

AVG: AVG - AVG Rescue CD
F-Secure: http://www.avg.com/us-en/avg-rescue-cd#tba3
Kaspersky: http://devbuilds.kaspersky-labs.com/devbuilds/RescueDisk10/

and many others, these were only examples. (I personally recommend using Kaspersky)

heaumanepunk

Well I was able to remove the virus but guess what? It came back with a different name. I think I might need to clear the registry keys or something. Malwarebytes is removing the virus but it keeps coming back; I might have to manually delete the registry files. How is doing its job by identifying these viruses? And I still haven't gotten it to update. I might spend hours, maybe days, trying to fix this but it'll be worth it because I don't want to wipe out the system and start fresh. I've learned a lesson here: download stuff on my desktop first, then transfer it to my laptop. lol. I know viruses make people money by giving companies the chance to make AV software, but oh well, this is just frustrating. I hate viruses. I'd rather do it manually; sadly there aren't a lot of guides on how to do it. And there are so many viruses and they change the names. Really difficult. Does Windows 7 come with a firewall? Do Apple OS get viruses if installed on another computer other than an Apple computer? And ty very much to all u humans that helped.

Harvey Meale

Hi heaumanepunk,

Well, after you've tried so many different options, it sounds like this isn't malware or if it is, it's extremely difficult to find. What I'd recommend is getting someone with qualifications from either ASAP or UNITE to look at your computer. Have you heard of HijackThis? It's a diagnosis tool used to get a reading of your system and browser configurations. HijackThis Analysts can usually, by looking at your log, give you instructions on how to remove infections (with the aid of other, more targeted tools).

Yeah, scanning with MBAM, SAS, NOD32, and all the rest is good, but if this is a recent form of malware or if it's fully undetectable, you're going to need someone to take a further look. Of course, if you don't want to do this there are other options such as System Restore and reinstallations, but these are last chance options.

You can visit Tech Support Guy or a variety of other malware removal communities if you want someone to take a look at your system. Good luck!

Thanks,
Harvey Meale



whs

As I said earlier, save your data and scan it on-line. Then reinstall. That will be a lot less effort than trying to chase the thing. In the future you should do frequent imaging so that you can easily recover. A good AV program will also help - free Avast or MSE come to mind.
But if you want to be less targeted by the malware producers, you can always use Linux as your OS.

Jaxryley

Update Malwarebytes and try another quick scan?

If the rogue AV does get cleaned up, then the proxy hijacks could still be around, hence the connection problems.

Bring up Internet Options - Connections tab- LAN Settings and make sure "Use a proxy server...." is unticked.

dranfu

Something you might want to try is doing a scan with a Live Boot CD. A well programmed virus will remain on your PC, despite your best efforts, because it is able to hook into various Windows services and make itself very hard to delete. Not to mention, unless you find the specific files which contain its "regeneration code," often stored in a DLL, the virus will simply reappear.

Using a Live Boot CD addresses all these aspects of a virus, because you can scan your hard drive while the operating system is not running. Because your OS is not running, the virus cannot hook into any services to protect itself, and because it is not running, it cannot detect that it is being deleted. Some of the hardest viruses to delete are easily eliminated when a Pre-Boot or Live CD Boot is run.

The nice thing is that virtually all Anti-Virus Live Boot CDs are free. You simply need to download them, burn them to a CD, and then reboot your computer with your boot CD in your CD-ROM. Click here to view a list of the 13 best Anti-Virus Live Boot CDs.

Also, some anti-virus programs, like Avast Free Edition, do allow you to run a pre-boot scan. This is the same thing as running a Live CD scan, except you don't need the Live CD. You simply tell Avast to do a scan the next time you boot your computer.

Good Luck!

chev65

It's time to punt the OP system. I agree 100 percent with WHS: even if you get the virus off your system it can never be trusted again.

heaumanepunk

ty for all the tips and suggestions. Malwarebytes deleted a couple viruses today in Safe Mode, but as I'm trying to boot the laptop up the damn bluescreen pops up, and I still can't go to Windows Update websites, plus sometimes I get redirected. What if I don't have a Windows 7 CD? I have Windows 7 Enterprise on it. I have Avast! so I'll try the scan-before-it-boots option, if I can find it. I changed the proxy settings, ty, but it still doesn't let me go to the Windows Update site and redirects me to a site I do not want to go to. WHS, what do u mean by "scan it on-line. Then reinstall"?
Thnx again for the info, all of u. I'll keep on fighting this even though it's frustrating. So where do viruses hide? DLL. Where do I find that? I'll google it.

Pre-boot scan INITIATED!

Didn't scan.......trying again.....

Tews

Friend, where are you going on the interwebz that you are picking up all of these viruses?? Where did you get your copy of Windows from??

whs

For the areas of the internet that you are visiting, I suggest you run your browser in Sandboxie. That isolates the browser from the system and any possible infection will automatically disappear with the end of the session.

Tews

IMO, the only and quickest way to resolve your issue is going to be a format/reinstall of the OS... You seem to have had no success with the suggested methods of cleaning your computer so far. Good luck..

heaumanepunk

Well to be honest, I do download a lot of stuff. The Avast preboot scan is running now.
It is my fault and I know I always risk it, even though sometimes the PC at home gets infected when I don't download a lot of things, so either way it'll get infected, and I know it'll get infected faster by downloading things. I visit blogs mostly, and sites I shouldn't. So I'll stop that. lol. I know I risk it when going to those sites, so that's why I'm not giving up, because I knew it would happen sooner or later. I guess I thought Windows 7 was like MAC, it didn't get viruses lol.

Pre-boot found mirc-z PUP in the MIRC folder, and I deleted it. Is it a virus?

It was already installed on the lappy, so I don't have the CD.
Can I make one?
I was reading somewhere that u can make a Windows 7 CD using Windows.

Tews

Does your laptop have a recovery partition that you can restore from???

Download the trial version of Enterprise and reinstall it ..

http://technet.microsoft.com/en-us/e.../cc442495.aspx



dranfu

Quote:
pre boot found mirc-z PUP in the MIRC folder, and i deleted it , is it a virus?
PUP stands for potentially unwanted program. MIRC is a popular Internet Relay Chat (IRC) program. If you use it, then it was probably your folder that it found, but that of course depends on where it was when it found it. IRC is a great way to get hacked and to be flooded with viruses, btw. There are better methods for finding files online. If the MIRC was not yours, then it is a great thing that it was deleted, as the program can be used in 1001 malicious ways.

Quote:
I visit blogs mostly, and sites I shouldn't. So i'll stop that. lol. I know I risk it when going to those sites so thats whyi'm not giving up because i knew it would happen sooner or later.
You know, you can still visit the entire internet, as long as you take some precautions. Most importantly, u should start using Firefox with NoScript installed. Here is a brief description of NoScript and AdBlock Plus:

NoScript: The NoScript Firefox extension provides extra protection for Firefox, Flock, Seamonkey and other Mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank), and provides the most powerful anti-XSS protection available in a browser.

NoScript's unique whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not known yet!) with no loss of functionality...

You can enable JavaScript, Java and plugin execution for sites you trust with a simple left-click on the NoScript status bar icon (look at the picture), or using the contextual menu, for easier operation in popup statusbar-less windows.

AdBlock Plus: Annoyed by adverts? Troubled by tracking? Bothered by banners? Install Adblock Plus now to regain control of the internet and change the way that you view the web. You can also choose from over forty filter subscriptions to automatically configure the add-on for purposes ranging from removing online advertising to blocking all known malware domains.

heaumanepunk

Thnx, I have Firefox on the PC but not on the laptop. Why doesn't Microsoft fix IE so it can work like Firefox? Let me guess...to sell you programs? Sounds right.

Avast is doing good. It's still scanning, it's showing corrupt files; does it delete them by itself?

So if I download the trial and put in the serial I have, will it install as the full version?

would there be a way to update enterprise to Windows 7 Ultimate or something else?

whs

Quote:
would there be a way to update enterprise to Windows 7 Ultimate or something else
Sure, for a price there is always a way. But why do you not reinstall from your recovery partition? Or could you tell us what the origin of your Windows 7 is?

Tews

Enterprise is basically the same as Ultimate, so there would be no benefit to "upgrade". As long as you have a legitimate key, all you should need to do is enter it, then activate it...

heaumanepunk

This is where I got the idea from. Is it even legal?

How to upgrade Windows 7 Enterprise to Windows 7 Ultimate — Jas Dhaliwal's Blog

Origin?

whs

Origin - was it preinstalled on your system when you bought the PC or did you buy it separately?

Tews

Quote: Originally Posted by heaumanepunk
This is where I got the idea from. Is it even legal?

How to upgrade Windows 7 Enterprise to Windows 7 Ultimate — Jas Dhaliwal's Blog

Origin?
I'm not sure if this is legal or not, but it requires you to use the Ultimate CD, and you stated that you do not have a CD/DVD drive, so you wouldn't be able to use this method anyway..

dranfu

Quote:
So where do viruses hide? DLL.
Viruses hide in all kinds of ways, but many of them, especially those that are not rootkitting, are simply running on your system in plain view, trying to not be detected.

What I mean is, you may have a process (a program running) in Task Manager called Svchosts.exe. Now that may seem legitimate, but the actual Windows process that is really from Windows is called Svchost.exe. Just by adding that s to the end of the program name, you have hidden yourself from a large number of users.

Also, it is possible for programs to open all types of handles and hooks into other programs, which makes them difficult to delete (if running the OS or in SafeMode). Handles are data structures that represent open instances of basic operating system objects applications interact with, such as files, registry keys, synchronization primitives, and shared memory ( see Pushing the Limits of Windows: Handles - Mark's Blog - Site Home - TechNet Blogs ). Your anti virus product may or may not be able to close the handle. In cases where it can't, it will likely tell you to restart. But at that point, a virus can detect that a restart is imminent. It can also detect if it has been scheduled to be moved (aka deleted). It can detect if a change was made to the registry, meaning a change to its registry entries, and will respond by just renaming itself and/or moving itself somewhere else--and the infection will just continue.

There are ways to find out what a virus is doing, including where it is hiding, what resources it is hooking into, how it is regenerating, etc. Sysinternals tools and a solid understanding of Windows Internals (see here) are where you would want to start.

With a Live Boot CD, because the OS is not running, the program is also not running, and therefore you can delete a virus and the virus will not be aware of what is going on. This is often the best way to go about getting rid of a virus. However, there are even limitations to this. Namely, your anti-virus may not be aware of (have a signature for) the virus that infected you. And if that is the case, then it will simply skip by the file.

And of course, the best thing to do is to re-format your PC, if this is not too much of an inconvenience. It is not always necessary, but it almost works
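dranfu's "Svchosts.exe" point can be turned into a simple defender's check: scan a process table for names that are one typo (insert, delete, substitute or swapped letters) away from a core Windows process, and for genuine system names that run from the wrong directory. This Python is an added example, not code from the thread or from any product named in it; the sample process table is constructed, and the known-process list with its expected directories is an assumption for illustration, not an authoritative inventory.

```python
"""Flag look-alike process names (e.g. Svchosts.exe vs Svchost.exe) and core
Windows binaries running from unexpected directories. Added example; the
KNOWN_SYSTEM_PROCESSES table is an assumption and SAMPLE_PROCESSES is
constructed data, not captured from a real host."""

import ntpath
from dataclasses import dataclass

# Assumed: where these core processes normally live on a Windows 7 host
# (lower-cased paths). Illustrative, not exhaustive.
KNOWN_SYSTEM_PROCESSES = {
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "csrss.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}


def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: one insert, delete, substitution
    or adjacent transposition counts 1, so 'scvhost' is 1 from 'svchost'."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,         # delete
                          d[i][j - 1] + 1,         # insert
                          d[i - 1][j - 1] + cost)  # substitute or match
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transpose
    return d[len(a)][len(b)]


@dataclass
class Finding:
    pid: int
    name: str
    path: str
    reason: str


def check_processes(processes):
    """processes: iterable of (pid, image name, full image path).
    Returns Findings for look-alike names and misplaced system binaries."""
    findings = []
    for pid, name, path in processes:
        lname = name.lower()
        directory = ntpath.dirname(path.lower())
        if lname in KNOWN_SYSTEM_PROCESSES:
            # Exact system name: suspicious only if it runs from the wrong place.
            if directory != KNOWN_SYSTEM_PROCESSES[lname]:
                findings.append(Finding(pid, name, path,
                                        "system name from unexpected directory"))
            continue
        # Unknown name: flag if it is one edit away from a core system name.
        for known in KNOWN_SYSTEM_PROCESSES:
            if osa_distance(lname, known) == 1:
                findings.append(Finding(pid, name, path, f"look-alike of {known}"))
                break
    return findings


# Constructed sample process table (pid, name, path).
SAMPLE_PROCESSES = [
    (500, "svchost.exe", r"C:\Windows\System32\svchost.exe"),
    (1337, "Svchosts.exe", r"C:\Users\user\AppData\Local\Temp\Svchosts.exe"),
    (1422, "scvhost.exe", r"C:\Windows\Temp\scvhost.exe"),
    (1500, "explorer.exe", r"C:\Windows\explorer.exe"),
    (2100, "lsass.exe", r"C:\ProgramData\lsass.exe"),
    (2200, "firefox.exe", r"C:\Program Files\Mozilla Firefox\firefox.exe"),
]

if __name__ == "__main__":
    for f in check_processes(SAMPLE_PROCESSES):
        print(f"PID {f.pid:5d} {f.name:14s} {f.reason}: {f.path}")
```

On a real host the same function can be fed the output of a process listing tool; a hit is a lead to investigate, not proof of infection, since third-party software occasionally uses similar names.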

heaumanepunk

Ty for that info dranfu, I will read all of it after this post. As for the virus, hopefully a Sys Restore will work...I know I'm changing the subject but, it would be nice to make my own operating system......like Ubuntu or MAC or some other Linux OS that starts with an F....Maybe someday......it's funny how we all want to do things but only some tend to follow through....well hopefully the virus gets wiped out...ty again for the virus info.

dranfu

Quote:
Avast is doing good, Its still scanning, it showing corrupt files, does it delete them by itself?
Yes and no. When it first finds a virus, it will present a list of choices to you. I don't have that list memorized, but it is similar to this:

1. Delete Virus
2. Delete All Viruses
3. Quarantine Virus
4. Quarantine All Viruses
5. Etc
6. Etc

Notice the 2nd option, to delete all viruses. When you select that option, you are telling Avast to delete every virus it finds, and to not bother asking you for permission to delete when it finds another one. If you select the first option, it will ask you every time if you want to delete a virus.

Hope that made sense



dranfu

Quote:
I know I'm changing the subject but, it would be nice to make my own operating system......like Ubuntu or MAC or some other Linux OS that starts with an F....Maybe someday.
Linux From Scratch: Linux From Scratch (LFS) is a project that provides you with step-by-step instructions for building your own custom Linux system, entirely from source code.

enjoy

dranfu

So............Any updates on the virus?

adverze

Well, it is always easier to blame Microsoft, right?

Can't help but notice that you are not really giving straight answers about where you got Windows 7 Enterprise. You said it was installed on your lappy but also installed on the desktop? Same OS, same key?

Since it is distributed only for business use, I really wonder where you got it. If it is not a legit source, then you are in deep trouble, my friend. A free OS comes with freebies you might not like.

codyw

Just out of curiosity, what AV product were you using when you got hit with the infections?

Quote: Originally Posted by heaumanepunk
I've been trying real hard to get rid of a virus, or should I say a couple. I've managed to find and remove some viruses using Forefront Client Security, Spyware Doctor with Anti-Virus, and Malwarebytes; Ad-Aware has been used too. Full scans.

I've been at it for multiple days but my laptop still has signs of infection, for example not being able to get into the Windows Update website, Forefront won't update, giving me an error 0X8007efe, and sometimes I get redirected to a website I did not want to visit. I've manually removed some fake anti-virus software but still have problems. I've stopped my computer from crashing by removing the fake AV but, like I said, I'm still frustratingly getting these problems. I really don't want to do a fresh install since I don't have a CD.

Can anyone help with these problems, or maybe one of them? Please and Ty in advance.

-Heau

Tews

I believe that the OP has abandoned this thread...

whs

Quote: Originally Posted by Tews
I believe that the OP has abandoned this thread...
Probably for good reason. The whole story was quite mysterious anyhow.

jimbo45

Quote: Originally Posted by whs
Quote: Originally Posted by Tews
I believe that the OP has abandoned this thread...
Probably for good reason. The whole story was quite mysterious anyhow.
Even this great website unfortunately gets a few Trolls on it -- however the mods seem to do a great job of keeping it basically clear of these pests.

While the OP might have gone --the answer IMO is still the same -- I DO NOT TRUST ANY AV PRODUCT WHATSOEVER TO BE ABLE TO CLEAN AN INFECTED COMPUTER. - NOTE THIS IS DIFFERENT FROM PROTECTING A COMPUTER.

The only sensible way forward if your computer IS infected is a COMPLETE REFORMAT of the disk(s) and either a new OS install or restore from CLEAN uninfected backups.

Any other solution --well I wouldn't trust a machine since there is no such thing as 100% protection in any case.

Cheers
jimbo

whs

Quote: Originally Posted by jimbo45
Quote: Originally Posted by whs
Quote: Originally Posted by Tews
I believe that the OP has abandoned this thread...
Probably for good reason. The whole story was quite mysterious anyhow.
Even this great website unfortunately gets a few Trolls on it -- however the mods seem to do a great job of keeping it basically clear of these pests.

While the OP might have gone --the answer IMO is still the same -- I DO NOT TRUST ANY AV PRODUCT WHATSOEVER TO BE ABLE TO CLEAN AN INFECTED COMPUTER. - NOTE THIS IS DIFFERENT FROM PROTECTING A COMPUTER.

The only sensible way forward if your computer IS infected is a COMPLETE REFORMAT of the disk(s) and either a new OS install or restore from CLEAN uninfected backups.

Any other solution --well I wouldn't trust a machine since there is no such thing as 100% protection in any case.

Cheers
jimbo
That is a fair comment. The optimal solution is to set back to a prior image - if you do imaging.

jimbo45

Hi WHS

I'd go a bit further than that --just restoring an image on a single partition might not do the trick if the infection is lurking in data on another partition --which is why I'd recommend wiping the ENTIRE DISK and THEN restoring clean images and data.

Even if you have a SINGLE disk image I'd still do the reformat just to make sure --and I'd do the reformat from either a Windows install disk or from another "Live disk" such as a Linux Live CD / Gparted / etc.

Don't use the infected system's OS to "Cleanse" your disk.

Cheers
jimbo

whs

Quote: Originally Posted by jimbo45
Hi WHS

I'd go a bit further than that --just restoring an image on a single partition might not do the trick if the infection is lurking in data on another partition --which is why I'd recommend wiping the ENTIRE DISK and THEN restoring clean images and data.

Even if you have a SINGLE disk image I'd still do the reformat just to make sure --and I'd do the reformat from either a Windows install disk or from another "Live disk" such as a Linux Live CD / Gparted / etc.

Don't use the infected system's OS to "Cleanse" your disk.

Cheers
jimbo
That is, of course, the most drastic and safest solution. But an image restore accompanied with a scanning of the data on line is 99% safe - I think.



heaumanepunk

I have XP on the desktop. LOL. Enterprise on the laptop.
Well I did a system restore and no more Blue SCREEN!
I lost some programs but it's ok. Image recovering? What would that be? System restore?
It kept reinstalling, how can it do that???? How can it keep reinstalling itself???

Well I appreciate all of your help...
Laptop is back to normal, even though the graphics driver keeps crashing at times; it hasn't crashed today so that's good. The driver restarts and gives a message when it crashes. I googled it and supposedly it's been reported a lot.
