Karl's PC Help Forums

Virus Problem!!!!!!!
abbs2002 - 8-10-2008 at 14:34


I need some expert advice on how to clean up this mess. Yesterday my laptop got infected with a VIRUS and it messed up everything for me. Please, I need to know how to clean it up. I have included a log so you can advise me on what to delete, and 2 screenshots: one screenshot shows some icons that appeared on my desktop that don’t look familiar, and the other screenshot shows that the Control Panel, Help & Support and others have gone missing. Although the VIRUS is still there, I can just about connect to the Internet because the laptop is VERY slow.

Please advise…

abbs2002 - 8-10-2008 at 14:35

abbs2002 - 8-10-2008 at 14:40

LSemmens - 10-10-2008 at 11:10

Yep Abbs, you have some nasties, there, I'll give Pancake a yell, I think he missed this one as he's our ex-spurt!

KOUROSH - 10-10-2008 at 11:45

Your Windows is still working, so go for a virus scan using AVG and avi; send any virus to the vault, then delete them. You can save your data on another partition if you have one, then try a restore to an earlier date.

abbs2002 - 10-10-2008 at 13:43

Thank you for your response. I have sorted it out once and for all by the only way possible at the time; I have managed to back up 90% of the data and formatted the hard drive.
I have been hit with a VIRUS before but this one was different.
The first thing I noticed was the VIRUS ALARM that was flashing near the clock on the taskbar and the NEW ICONS that replaced my antivirus icons. This virus first hit the Help & Support, Control Panel, Search and Run, so there was no way to get to System Restore. I kept looking for a way to get to System Restore through a back door and I found one, but when I got there all Restore Points were DELETED; there were 3 restore points left and they all led to the point when the virus hit, which was no help.
My PC is well protected with AVG 8 and SPYBOT, or so I thought. I have tried to delete it and I managed 3 times but it keeps coming back. This virus allows internet connection for a reason, so every time I tried to delete it I kept getting this message “THIS VIRUS CAN NOT BE DELETED” or something similar, and page after page kept opening directing me to a site where there is an antivirus up for sale to help me get rid of this virus. This is the site: “www.avx2008.net/tools/viruscleaner.dll”, and the virus was TROJAN HORSE GINARIC. When AVG got hold of it, it displayed details of it; the funny thing, or not so funny, was that the name of the same site was included in the details. So the only way to stop the virus appearing was to disconnect the internet cable and run the antivirus; that stopped the VIRUS ALARM flashing and made it disappear. The PC went back to sort of normal and that allowed me to back up my data, but there was no way to restore the system and it was easier for me to format the hard drive. Now the system is up and running with a fresh installation.

That’s all Folks waveysmiley

LSemmens - 10-10-2008 at 14:07

You do need a better firewall than that of Windoze. The Windoze one is like only closing a door without locking it. I currently use Comodo, which is a very secure freebie. Zone Alarm free is, arguably, one of the easiest and best to use. As for anti viral products, ensure that you only have one antivirus package running; more than one can cause more trouble than they save. Each will conflict with the other and ultimately give you less protection. I also use AVG 8 coupled with Spybot, including enabling "teatimer" (some people swear at it, but it's saved my bacon on more than one occasion) and have yet to be affected by a virus.

Another thought, what are your "surfing habits"? Do you click on pop ups just to see what they do? Do you accept unsolicited offers to "fix" your computer? What happens if some pop up tells you that you are "infected" and the message is not from your security packages?

abbs2002 - 10-10-2008 at 14:20

I’m always looking for free software (that saves me a lot of money) so my laptop is bound to get hit from time to time, but that’s not a problem coz I always have a backup. My PC is always backed up with data just in case of a similar problem. I don’t click on pop ups. I will try to change the firewall to one you’ve mentioned, but when surfing on the net as much as I do it is always likely to get hit with some new virus.

Dreamweaver - 10-10-2008 at 17:50

Sorry missed this, moved to virus help ......

Pancake - 10-10-2008 at 21:09

OK. Let's see what we got....

Run both these programs.

Please download Malwarebytes' Anti-Malware from one of these places:



Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy & Paste the entire report in your next reply along with a fresh HijackThis log.

Please Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



OK. Let's download ComboFix.exe. This will give me a better view of the files running and also hidden on your computer, and also those in the registry. Please visit this webpage for downloading and instructions for running the tool:

Go here ======> A guide and tutorial on using ComboFix <====== Go here

Please ensure you read this guide carefully and install the Recovery Console first. This applies to XP Pro and XP Home users only. If you have SP3 installed you will need to use SP2. Do not use for Vista.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Once installed, you should get a prompt that says:

The Recovery Console was successfully installed.

Please continue as follows:

(1) Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
(2) Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

New HijackThis log.

Caution: Never run and remove files with Combofix unless supervised by a qualified security analyst who is experienced in the use of Combofix. Misuse can cause serious computer problems.

NOTE: Combofix prevents autorun of all CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you - please let me know.

abbs2002 - 10-10-2008 at 21:20

Hi Pancake

Thank you for your advice; I will keep it in mind for the next infection. As you have probably read in my post, I have already formatted the hard drive and got my PC working again. I do appreciate your help and I’m sure your advice will be very helpful next time a virus hits my PC.

Thank you…:)

Pancake - 10-10-2008 at 21:58

If I had been here a bit earlier I'm sure we could have prevented the format...oh well.

Dreamweaver - 10-10-2008 at 22:08

Originally posted by Pancake
If I had been here a bit earlier I'm sure we could have prevented the format...oh well.

Sorry PC my bad :(

Pancake - 10-10-2008 at 22:31

Sorry PC my bad :(

No problem. :D

LSemmens - 11-10-2008 at 14:12

waggyfinger Blame me, I didn't notice it weren't in the virus help forum.