Evil virus O' Doom has taken control of my comp...halp

[LPM]

I've got a major problem.

Sometime when I wasn't looking, my computer got a nasty virus. it changed the wallpaper to sway "Your system is infected with a virus" followed by a paragraph riddled with spelling errors and grammar fails that tells me to get some obviously phony spyware protection thing.

The only program i could run when i got it was internet explorer (which opened up to the virus page) and Firefox. everything else closed with an error that said "this file is infected, please run your anti virus software now."

after a long quest of browsing other forums and articles, and after a malwarebytes scan, and AVG 8.5 scan and a Microsoft OneCare scan, the problem has gone away...sort of.

programs no long close with the error message, now they just crash and lock up the computer if its anything more complex than say notepad or a browser. the wallpaper is still there, and when i go to properties to change it, the entire background tab is grayed out and i cant change it.

i'm waiting for my computer to reboot now so i can run a hijackthis, but last time i ran it it froze the computer. If i manage to get a hjt log, I'll post it here later.

If anyone has any ideas on how to get rid of the rest of this damn virus, PLEASE bring it to my attention. I'd love to get this solved and done with ASAP.


Regards,
LPM

More News:

HJT still freezes when i try to run it.
even worse, trying to boot in safe mode just makes my computer bluescreen.

shit, now what?

 

[smajer]

Hello,

I had the same exact issue on a pc i just fixed. I could not load anything from the main system. I was able to boot from safemode. I loaded up Malwarebytes, Avira, and CCleaner in safe mode. I updated AVG and MB and run full scans. Picked up hundereds. I then rebooted, ran them again in safe mode. Picked up 3-4 more. I rebooted, scanned again, no more showed up. I then ran CCleaner and the CCleaner registry fix (backup registry first). Cleared a bunch of junk, rebooted windows normal and all has been working fine.

 

[LPM]

the fight is over...finally

it was a tough fight to get rid of this thing.

I hit it with virus scan after virus scan, until it was weakened. I caught it off guard and dazed it with a system restore point, and then finished it off with a malwarebytes/AVG/McAfee combo strike.

crisis averted, topic can be closed now.

 

[Concordedly]

The way you described this virus 'battle' reminds me of playing FFVII: Crisis Core. When you get into a fight the game says, "Activating Combat Mode" and then when you are finished it says, "Conflict Resolved"

You described it like taking down a boss in WoW ^_^

 

[johnb35]

it was a tough fight to get rid of this thing.

I hit it with virus scan after virus scan, until it was weakened. I caught it off guard and dazed it with a system restore point, and then finished it off with a malwarebytes/AVG/McAfee combo strike.

crisis averted, topic can be closed now.

Are you sure you are clean? Go ahead and post a hijackthis log and we'll look it over.

 

[microsoft]

The ultimate method

when ever you notice any of these symptoms below
•Slow computer, and/or slow internet connection.
•Strange pop-ups or web browser redirections (beyond those expected from dodgy websites).
•Program failure, or inexplicable errors (even after a fresh install).
•System functions unavailable (eg: Control Panel, Task Manager, Internet Explorer).
•System giving a "RPC error", giving a window with a 30 second countdown to a restart.
•Excessive internet cap usage, i.e high internet traffic on your computer.

Then you may have a virus (or any other malware), you should take these steps immediately. The following procedures work for most viruses or malware (except perhaps for completely new, unknown or unusually malignant strains). It is better to complete all steps, so you can be (reasonably) sure that all traces have been removed.

STEPS
1.Confirmation and Preliminary Action:
◦Make a list of ways your computer is showing signs of abnormal operation. Satisfy yourself that these signs are not due to hardware failure or problems with attached equipment. Sometimes people misdiagnose software problems (such as bugs in Outlook Express or printer drivers) as virus activity. Also, problems with the Registry can be a source of errors, this happens if you install and uninstall lots of programs.
◦Run your virus-scanner, but beware, many modern viruses can circumvent (or hide from) common anti-virus programs. Norton Antivirus and Mcafee have both been seen to exhibit this weakness, or seem unable to remove certain strains.
2.Check access to System Restore & the Internet.
1.Check computer for system access - Try to disable System Restore - right-click My Computer and select properties. Turn off System Restore on all drives.
2.Download and install new Anti-Virus. Both AVG Free Edition and Avast! are highly acclaimed programs. Install one of them. Update the program's virus definitions. Don't scan for viruses yet.
3.Install Spybot Search & Destroy or Webroot Spysweeper, and update its definitions. Don't scan for malware yet.
4.Install Adaware Personal Edition and update its definitions. Don't scan for malware yet.
3.Reboot into Safe Mode - Restart your computer and press F8 before Windows loads. Press F8 several times if you need to. Select Safe Mode from the resulting menu. Safe Mode disables much of the startup routine (including some common Malware hiding places).
4.Run your Anti-Virus - Run the freshly installed Anti-Virus. And Heal or Delete any references to Malware.
5.Run your Malware Scanners - Run both the scanners sequentially, deleting any references found.
6.Reboot and turn System Restore back on.
7.Enjoy your sanitised computer.

Tips
•If these steps are difficult to follow or impossible to achieve, please call a computer service professional (such as the one who wrote this HowTo!).
•Disabling System Restore and booting in Safe Mode are especially important if the malware is difficult to remove normally.
•Should you follow these steps and there is still signs of infection. You can take the following advanced steps:
1.Create a boot disk.
2.Add scanning tools to the boot disk.
3.Boot and scan using the boot disk.
•If all else fails:
1.Connect a USB hard drive to your computer
2.Save onto it your important files, such as documents, emails and favorites.
3.Use your Install disc to format your hard drive and reinstall your operating system.
4.Discover which virus strain it is, this usually is indicated by the anti-virus. Do a search on a reliable search engine like google, for the "virus name", with "removal" followed after it. The specific virus removal tool can be downloaded for free, and used it with ease. Restart the computer, and boot into "safe mode". Run the removal tool in "safe mode", remembering to follow any given instructions to the letters. Note these instructions are on the site where the tool was downloaded from.
•If this cannot help to get rid of the virus from your computer, the last thing you can do is to contact the computer manufacturer or reinstall the system either yourself or an expert.

Warnings
•It is always safer to call on a computer expert to perform procedures that you are not sure about. There is always a chance that you could disable your system and lose valuable data.
•Removing Viruses and Malware often takes several hours.And be sure you have plenty of time available. more