I think I might have a virus

21
Found 29th Jul 2010
Saxo_appeal is gonna kill me!!!!

I was on facebook when all of a sudden things started popping up on my screen about antivir security. I have never seen this on the comp and now I can't use the Internet. I took pics with my phone so I will post the pics I took. Please tell me it's fixable. We have avast antivirus so I don't know what or how this thing has got through and it keeps popping up explicit website and gambling websites. Just waiting on the photobox app to upload the pics before I can post them on here...

Help from anyone would be fab!!

21 Comments

Original Poster

http://i682.photobucket.com/albums/vv185/lisanicol88/47c54c1c.jpg
http://i682.photobucket.com/albums/vv185/lisanicol88/31293149.jpg
http://i682.photobucket.com/albums/vv185/lisanicol88/e4110033.jpg

You have access to another pc? If so full instructions for removal are here

bleepingcomputer.com/vir…pro

If not the instructions are pretty much open start your computer in safe mode with networking (restart and hit the F8 key several times as your pc is starting up). Then open internet explorer, go to tools, internet options, click connections and then LAN settings. Untick the use a proxy server option and you should be able to use the internet freely again.

Then download RKill and run that followed my Malwarebytes Anti Malware (make sure to update this first).

And that should be it
Edited by: "WinterSoldier5" 29th Jul 2010

switch it off then switch it back on.

Original Poster

http://i682.photobucket.com/albums/vv185/lisanicol88/294dfcbf.jpg

And then I did an avast scan and this is what it said-
http://i682.photobucket.com/albums/vv185/lisanicol88/51f84e44.jpg

Original Poster

Not another pc just my iPhone will that do the trick???

If it can download files and transfer to pc then possible, I dont really know as ive never owned one :P

Your own pc may allow you to download the files anyway but chances are that rogueware is going to try and stop you.
Edited by: "WinterSoldier5" 29th Jul 2010

I had this but only one pc at the time so couldn't do anything about it ended up someone had to flatten the pc and start again but I've learned my lesson now as soon as something pops up that is not my antivirus or looks exactely like it saying I have a virus don't click on anything, come off line close everything down then turn off and on again.
Wintersoliders advice seems best way go.

Original Poster

Yikes I am clueless!! Think I will have to take the wrath from Lee when he gets home oh boy!!!

Original Poster

Cheers anyway guys

crazyblondechick

Cheers anyway guys



Shut it down , dont crack on youve been near pc, then wait and see what happens when he powers it up , oh and hope he doesnt see this thread , lol(_;)

Download MalwareBytes and run from safe mode.

Hi, YES you have a virus. Or to be accurate you’re like to have a dozen or so of two or three dispersed over you PC.

But don’t worry they can be removed:

Ideally you need to do the downloads on another clean pc to stop the virus interfering with your burning but if you cannot get access this still may work on the current system.

PRINT this out it might help you:

Firstly got to this web site: support.kaspersky.com/vir…l=2
and download the virus removal tool (2010).

Secondly go to this web site support.kaspersky.com/vir…l=2
and download the rescue disk

Burn the first file onto a blank CD (don’t use a flash drive or this will become infected)

Using Nero or other similar program burn the rescue disk (it is an image file) onto another blank CD.

When you have both cds burnt shut down the PC and restart it holding down the ‘DELETE’ key.

You should them have the BIOS set-up page

Change the boot order of the pc to CDROM first, then HDD, save and exit - make sure you have the rescue disk in your cd/dvd drive !!!!

The rescue disk will then boot up the pc (using a linux interface like windows) and then open a virus removal program.

Run this in a deep scan mode with auto delete enabled (see settings), and let it run its course.

Once complete RUN THE SCAN AGAIN – this virus can be a pig so this makes sure.

If the second scan shows clean, shutdown the pc, reset the bios to HDD first boot and restart HOLDING DOWN THE “F8” key (note some motherboards use this as a boot option menu just prior to you being presented with a “safemode” boot menu. YOU WANT SAFE MODE – still F8 only just wait a few seconds.

From safemode load/install the removal tool and run. It will give a pop-up about using it in safemode and ask to reboot - ingore this balloon (your in safemode!) and run the program scan. This will look like the previous one and runs the same way but seems to better identify key-loggers and other nasties.

Run this twice – the second run should be clean

Your pc should be clean now, but you will need to get a better virus checker / or update Windows as this virus uses an open backdoor – now recently shut in a security update from MS.

Hope this helps.

JC.

Edited by: "ZerocoolJ" 29th Jul 2010

DragonChris

Download MalwareBytes and run from safe mode.



Safe mode will not normally help as the virus active even there and will still be present - I've seen a few hundred instances like it where people think there system is clean, only to find a problem soon after - normally the same virus or a variant.

might as well have it's run slow ever since.

DragonChris

Download MalwareBytes and run from safe mode.



Finally (_;)

Banned

This site should sort you out:-

Your text here

Original Poster

csiman

This site should sort you out:-Your text here



Pmsl

sparkyIreland

Finally (_;)



It doesn't work with this malware - tried it and no success.

Banned

i think this site might have a virus,going crazy at the mo...

Banned

csiman

This site should sort you out:-Your text here


Congrats on having a GSOH

would rep but..... lol
Post a comment
Avatar
@
    Text