Forum time display is UTC  





Post new topic Reply to topic
  Print view

  VIRUS HELP!!!
Author Message
    PostPosted: Wed Dec 19, 2012 12:09 am 
BacoTroll
Offline

Posts: 2520
Joined: Fri Jun 27, 2008 10:18 am
Location: Australia
Hi Techies,

My GF somehow got a virus on her computer. Its that Ulock one where it locks your comp and attempts to make you pay to have it unlocked.

Now i searched around and I have run in safe mode with networking.

Ran the Kaspersky TDSSkiller (or something), rougekiller AND malwarebytes (it even updated before it scanned). I did a full system scan and it found some things, but still when you start it the computer locks.

Any suggestions?

One site said the registry key it uses, i can get to the registry, but that file named is not there.


Top
 
 Profile  

 

  Re: VIRUS HELP!!!
    PostPosted: Wed Dec 19, 2012 2:55 am 
President
User avatar
Offline

Posts: 16583
Joined: Wed Apr 19, 2006 1:08 pm
The virus probably installed a "rootkit" which allows it to hide from many methods of detection and/or be able to take control of the machine upon booting.

Do you have any other disk or CD-ROM/DVD where you have or could install windows? Then you could start from this fresh install, and run everything from it, with your current HD as secondary (data only) disk.

Anyhow, try the following:

Get rid of all the software you installed to fix your problem. I mean it because those installs could interefre with each other.

Then try what is described here, step by step (don't bypass one). The treatment for rootkits starts step 3 but do all the other steps.

http://malwaretips.com/blogs/remove-unl ... -continue/

And tell us.


Top
 
 Profile  

 

  Re: VIRUS HELP!!!
    PostPosted: Wed Dec 19, 2012 4:17 am 
BacoTroll
Offline

Posts: 2520
Joined: Fri Jun 27, 2008 10:18 am
Location: Australia
OK, I will see how this goes.

The TDSKiller and roguekiller i just ran straight from a USB, only the malwarebytes was installed onto the computer.

I will try this hitmanpro thingo tonight. I also ran another one that did pick up the virus, though it then asked me to pay a subscription fee to remove files. When I googled the product most forums said not to get it as it sounded fishy. It was like SecuityScan 4 or something.

Anyhow if it doesn't work I will just take it to a tech to re-format it. Her stupid thing is like 3 yrs old and a P.O.S, so if all else phails Chris can buy me a new one for CHRIS(ax)tmas.

I found a good site for manual removal of the files, but I am not overly familiar with regedit functions and may end up FC-ing it up.


Top
 
 Profile  

 

  Re: VIRUS HELP!!!
    PostPosted: Wed Dec 19, 2012 1:41 pm 
BacoTroll
Offline

Posts: 2520
Joined: Fri Jun 27, 2008 10:18 am
Location: Australia
So half a bottle of wine & 3 hours later it still didnt fix. I ran hitmanpro and no good. So I attempted the USB boot kickstart thing, but it kept giving me an error. Support said "i've seen it but after the thrid attempt it worked, so see how you go.."..... :shock: It didnt work on 3 different USB (up to 16gb size). Eventually I found a solution to just do an msconfig thing, stop the application on re-boot then go and delete the file. This worked... 5 mins... UGH.

Anyhow malwarebytes found 74 bad files on her computer (including 2 trojans) O.O so its at least cleaned that up. Running that emisoft thing now to see if it picks up anything else. Also installed a adblocker (Sorry fuze i'm now a pirate!)

Hopefully now its all settled. What a crap thing.


Top
 
 Profile  

 

  Re: VIRUS HELP!!!
    PostPosted: Wed Dec 19, 2012 3:01 pm 
Big Leet
User avatar
Offline

Posts: 339
Joined: Fri Sep 26, 2008 8:02 pm
Location: Denmark
See, thats what happens when using gf/wifes pc for pron looking!!! Shame on you Rojo!!! I bet you told her you have no idea how it got there!!
Anyways hope you figure it out and get it cleaned up. And then stay of those sites Rojo! [-X


Top
 
 Profile  

 

  Re: VIRUS HELP!!!
    PostPosted: Wed Dec 19, 2012 9:39 pm 
BacoTroll
Offline

Posts: 2520
Joined: Fri Jun 27, 2008 10:18 am
Location: Australia
Haha i never use her laptop. Its slow as crap.

However it does look to be fixed now. The registry edit seems to be the best way to do it. Emisoft then pcked up the remains of this thing (spotted it in the logs).


Top
 
 Profile  

 

Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 6 posts ] 

Forum time display is UTC  


  Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron

Athen Paladins is a large and old Organization of players ("Guild") founded in June 2003 in Anarchy Online,
a SF MMORPG created and published by Funcom (www.anarchy-online.com)
The names Anarchy Online and Funcom are the property of Funcom, Norway.
All trademarks and copyrighted material on this site are the property of their respective owners. All rights reserved.
This site is a non-profit and non-commercial site, solely made for the entertainment of Anarchy Online players.
Athen Paladins is a non-profit association
Athen Paladins theme created by © Chrisax, based on 4poziom by © gokin (www.gokin.pl), and Subsilver2 & Prosilver by © phpBB (www.phpbb.com)
Powered by phpBB © 2000, 2002, 2005, 2007, 2008 phpBB Group - Modifications by Chrisax and other authors.

W3 Consortium CSS approved