ANOTHER COMPUTER VIRUS PLEASE HELP

17 replies
Found 3rd Apr 2011
My computer is infected with ms tools virus i can't get on the internet or run my anti virus i am in safe mode at the moment just need to find it and delete it like i did with a previous system tools virus does anyone know where i can find it within the computer

  1. Misc
Groups
  1. Misc
16 Comments

1. First of all, Click on Start—>Settings—Control Panel.
2. Double-click the ‘Network Connections’ icon and right click ‘Local Area Connection’.
3. Select ‘Properties’ from the menu and highlight the ‘Internet Protocol (TCP/IP)’ option.
4. Click ‘Properties’ and in the next window ensure the option ‘Obtain DNS server address automatically’ radio button is selected.

Above steps ensures that you are not going through a malicious DNS server in Internet Explorer and other browsers. Now you need to clean out the registry :

1. Please run your computer in “Safe Mode with Networking” mode. Please note that this virus protects itself in the normal mode, therefore booting up your PC in safe mode is required.
2. Please click on Start—>Run and type “regedit” and click on OK. This will show registry editor. Please find and delete these registry keys :

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "[YOU’LL FIND RANDOM CHARACTERS HERE]

3. Please locate and delete these infected files and dlls from your computer.

c:\Documents and Settings\All Users\Application Data\[random]\[random]
c:\Documents and Settings\All Users\Application Data\[random]\[random].exe
c:\Users\All Users\AppData\Roaming\[random]\[random]
c:\Users\All Users\AppData\Roaming\[random]\[random].exe
C:\Documents and Settings\All Users\Application Data\fHrPqDaZcCg02547\fHrPqDaZcCg02547.exe

Only try this if you are confident you know what you are doing

Edited by: "simplex" 3rd Apr 2011

Original Poster

simplex

1. First of all, Click on Start—Settings—Control Panel.2. Double-click t … 1. First of all, Click on Start—>Settings—Control Panel.2. Double-click the ‘Network Connections’ icon and right click ‘Local Area Connection’.3. Select ‘Properties’ from the menu and highlight the ‘Internet Protocol (TCP/IP)’ option.4. Click ‘Properties’ and in the next window ensure the option ‘Obtain DNS server address automatically’ radio button is selected.Above steps ensures that you are not going through a malicious DNS server in Internet Explorer and other browsers. Now you need to clean out the registry :1. Please run your computer in “Safe Mode with Networking” mode. Please note that this virus protects itself in the normal mode, therefore booting up your PC in safe mode is required.2. Please click on Start—>Run and type “regedit” and click on OK. This will show registry editor. Please find and delete these registry keys :HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "[YOU’LL FIND RANDOM CHARACTERS HERE]3. Please locate and delete these infected files and dlls from your computer.c:\Documents and Settings\All Users\Application Data\[random]\[random]c:\Documents and Settings\All Users\Application Data\[random]\[random].exec:\Users\All Users\AppData\Roaming\[random]\[random]c:\Users\All Users\AppData\Roaming\[random]\[random].exeC:\Documents and Settings\All Users\Application Data\fHrPqDaZcCg02547\fHrPqDaZcCg02547.exeOnly try this if you are confident you know what you are doing


i am not confident and i don't know what i am doing

run full malware bytes scan in safe mode with networking.

Always used avg and everyone said try mse2, 2 days days later i had this virus,do what Damnome said but update before running,hopes this gets rid.

Stop looking at porn

Original Poster

please any decent suggestions i cannot get on the internet to download anything

As above: Restart the computer, keep tapping F8 as it boots up and choose the safe mode with networking option. Then go to malwarebytes.org and download the free version. Once it's installed do a scan.

Original Poster

can't get on the internet so how am i suppose to download anything

jtx

As above: Restart the computer, keep tapping F8 as it boots up and choose … As above: Restart the computer, keep tapping F8 as it boots up and choose the safe mode with networking option. Then go tohttp://www.malwarebytes.org and download the free version. Once it's installed do a scan.


kiraangel

can't get on the internet so how am i suppose to download anything



Are you in safe mode with networking?

System Restore?

kiraangel

can't get on the internet so how am i suppose to download anything




soo how you connect now ?

Format drive and reinstall windows best what you can do
Edited by: "tasman23" 3rd Apr 2011

tasman23

soo how you connect now ? Format drive and reinstall windows best what … soo how you connect now ? Format drive and reinstall windows best what you can do



In my (limited) experience these things run automatically as windows is started and then block access to the internet. Safe mode should stop it starting and with networking should give you an internet connection, formatting and loosing everything is a bit harsh at this stage imo oO

Search hukd for virus. Narrow search to 'misc' and sort by date. There are loads of threads with the same issue. Look through those to save everyone typing the same thing yet again.
Edit: I'm not being funny but if it's exactly the same problem as you had 7 weeks ago, why couldn't you just revisit the thread you made last time hotukdeals.com/mis…307 when you said you cured it?
You're just wasting people's time here.

Be aware that there are loads of web pages that set off virus alert warnings. Often they are set up to pose as real virus alerts but trick you into installing a file onto your pc. SCAMS.

Whenever you get an alert be aware of the AV package you have installed on your pc. If something else tells you there is a virus, close out of the webpage and DO NOT install the file it tells you to install.

what security were you using that let this thru?
Post a comment
Avatar
@
    Text
    Top Discussions
    1. Driving anxiety.2737
    2. Tablet recommendation ror 5yr old- ideally with a stylus11
    3. Bean to cup machine11
    4. Incorrect Amazon refunds - how can I make sure they don't owe me any more m…818

    See more discussions