| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 125203 | 2012-06-13 20:53:00 | Huge virus, URGENT help needed please. | Luppi (12974) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1281497 | 2012-06-13 23:50:00 | Rebooted normally now. Processes are gone from CCleaner startup and from Task Manager. Folder is gone from AppData, PC still moves kind of slow but will clean it up in a jiffy. But still, my antivirus won't start on reboot and the firewall problem still exists. How on earth do i fix that. Another PM for you Speedy coming soon. Biff AVG, download or get speedy to send you either MSE or Avast. |
Nick G (16709) | ||
| 1281498 | 2012-06-13 23:52:00 | Did not work. Udell.exe came back as a process 5 minutes after reboot in Ccleaner start-up. TeamViewer won't work in normal mode. I think it happened right after running Yahoo Messenger. What now? EDIT: Speedy, will get it back into Safe Mode. I cannot run TeamViewer in normal mode, it says Service could not be started. I ran another scan with MB a couple of minutes ago and the same exploit you removed earlier reappeared. Check image: www.freeimagehosting.net www.freeimagehosting.net |
Luppi (12974) | ||
| 1281499 | 2012-06-14 00:06:00 | Sorry for the double post, but i killed it again and it's back again. I delete it from Ccleaner and MB and any other malaware program and by the next reboot it's back. Here it is: www.freeimagehosting.net Can't get it into Safe Mode again. Jesus, any other ideas guys? |
Luppi (12974) | ||
| 1281500 | 2012-06-14 00:23:00 | Would System Restore be of any use? LL |
lakewoodlady (103) | ||
| 1281501 | 2012-06-14 00:23:00 | i bet it is hiding in system restore. See what Speedy has to say but i think you will need to turn off system restore | gary67 (56) | ||
| 1281502 | 2012-06-14 00:23:00 | Download Kasperky live CD, burn to cd, boot off that CD (or some other CD booting av scanner) UPDATE KASPERSKY when the cd has started up. Run a full scan, all files or remove the HD & scan it via a clean PC . Run several AV/malware scanners across it. All of those suggested by others or can also try a system restore, but malware often disables that as well. **disable all other AV programs when running another AV scanner, they will try & block each other when they both see the same infected file ** ** set AV/malware scans to scan ALL FILES (important) Think about how much time you want to spend on this, you may end up with a clean PC with Windows trashed & unusable/flaky. Its often actually quicker to just wipe & re-install windows. |
1101 (13337) | ||
| 1281503 | 2012-06-14 00:27:00 | System restore has been turned off on my PC since i first got it. Never had it on. Second, is a full wipe going to solve my problem for sure? Can i do a full wipe with this kind of virus? |
Luppi (12974) | ||
| 1281504 | 2012-06-14 00:30:00 | Malwarebyes is not getting it all, it misses lots these days,its not as good as they make out. Run Rkill, that will kill any process. Then download and run RogueKiller (www.sur-la-toile.com). The download link is in the middle of the page, a blue/ blackish Circle with the wording under it. You need to run all its options. THEN run Super, and spybot - both in full scan modes, you can run them both together, but depending on the amount of data/speed of Computer it can take a few hours. Edited: trouble with some infections is they cause damage that cant be easily repaired - sometimes as 1101 suggested , blow away any partitions, a full reinstall from scratch. |
wainuitech (129) | ||
| 1281505 | 2012-06-14 00:33:00 | I ran Rkill and when it killed the process my PC automatically went to boot screen and rebooted. It can't be killed, basically. | Luppi (12974) | ||
| 1281506 | 2012-06-14 00:39:00 | Yes it can (as you said it rebooted, which did actually kill the process), its just in several locations and hanging on good to the System files someplace. If I were doing it here at the workshop, I would make sure all data is saved and blow away the partition and reinstall - heaven knows what damage its done. Looking at the time its currently around 11.40 - within an hour it would be reinstalled, fresh drivers and doing windows updates -- in fact thats exactly what Im about to do on a customers PC ;) |
wainuitech (129) | ||
| 1 2 3 4 5 6 | |||||