
Virus - Please solve me how to deal with this virus

Discussion in 'General Software' started by freebird_9924, Sep 16, 2009.

  1. freebird_9924

    Joined:
    Jan 27, 2007
    Messages:
    542 (0.20/day)
    Thanks Received:
    8
    Location:
    India
    Check the screenshot please.

    I don't know how my PC got infected with it, but I have BitDefender Total Security 2009 and ran a quick system scan.

    It's not showing any virus.

    But every time I start my PC, open Internet Explorer/Maxthon, and open my mail and some sites, BitDefender shows me that it was attacked by a virus and that it has deleted that file. But the same cycle repeats each time I start my PC, open Internet Explorer, and open sites.

    This has been happening for only 4-5 days.

    I went to c:/windows/temp and c:...../appdata/temp and tried to delete that file manually, but I was not able to do it.

    Instead, sometimes when I tried to do so, it showed a blue screen and restarted.

    Sometimes it shows a w7services.exe virus after startup, and it requests to connect, but I blocked it using BitDefender and deleted it from startup.

    I've also observed that, for only the last 3-4 days, I'm frequently facing the "restart Windows Explorer" error. [I'm using Windows Vista Home Premium]

    Please tell me how to permanently solve this virus problem, and hopefully it should solve the "restart Windows Explorer" problem too.

    Now please tell me


    Last edited: Sep 18, 2009
  2. Kreij

    Kreij Senior Monkey Moderator Staff Member

    Joined:
    Feb 6, 2007
    Messages:
    13,881 (5.11/day)
    Thanks Received:
    5,615
    Location:
    Cheeseland (Wisconsin, USA)
    Here is what I would try...
    Shut down all apps and anything you have in the tray.
    Shut off system restore.
    Delete everything from the temp directories. They are, after all, supposed to be temporary files.
    Boot into safe mode and run your virus scan.

    After it is done, see if you can access the registry editor.
    If you can, reboot into normal mode and see what happens. Sometimes the viruses will put things in the registry and then try to prevent you from accessing the registry.

    Let us know what happens.
    freebird_9924 says thanks.
  3. wiak

    wiak

    Joined:
    Sep 5, 2004
    Messages:
    1,743 (0.48/day)
    Thanks Received:
    198
    Location:
    Norway
    Run in safe mode and clean. Check if BitDefender has some kind of antivirus-based live CD like ESET SysRescue.

    You can also try running Malwarebytes Anti-Malware:
    http://www.malwarebytes.org/mbam.php
  4. CrackerJack

    CrackerJack

    Joined:
    Dec 13, 2007
    Messages:
    2,702 (1.12/day)
    Thanks Received:
    448
    Location:
    East TN
    If Kreij's solution doesn't work... if you tried to delete it that many times, it's a rootkit virus, which means it's a virus embedded in a system file, most likely explorer.exe or winlog.exe. So when the system restarts, it's added again and again. Using a rootkit cleaner/remover should fix this problem. Just like with a virus, back up your personal data, e.g. pics, videos and whatnot. Not programs!!!
  5. freebird_9924

    Joined:
    Jan 27, 2007
    Messages:
    542 (0.20/day)
    Thanks Received:
    8
    Location:
    India
    How do I do that?
    My PC is still showing a similar error after each startup.
  6. Mussels

    Mussels Moderprator Staff Member

    Joined:
    Oct 6, 2004
    Messages:
    41,942 (11.76/day)
    Thanks Received:
    9,364
    Boot in safe mode and run a real antivirus (such as the NOD32 or Kaspersky 30-day trials).


    If you won't (or can't) do that, then format the PC and reinstall Windows.
  7. freebird_9924

    Joined:
    Jan 27, 2007
    Messages:
    542 (0.20/day)
    Thanks Received:
    8
    Location:
    India
    BitDefender won't work?

    So I have to uninstall it and install one of these two?
  8. Mussels

    Mussels Moderprator Staff Member

    Joined:
    Oct 6, 2004
    Messages:
    41,942 (11.76/day)
    Thanks Received:
    9,364
    From memory, BitDefender is a decent antivirus; most people like it for its firewall. But it's not one of the best: Kaspersky and NOD32 are trading blows for best antivirus.
  9. Boyfriend New Member

    Joined:
    Nov 30, 2008
    Messages:
    160 (0.08/day)
    Thanks Received:
    34
    Hello

    Install Kaspersky 2010 on your computer --> Update it (first complete update is free even without any trial/commercial key activation) --> Go in Security+ tab on main GUI --> Click Create Rescue Disk --> Next select Download ISO image from Kaspersky Lab server and follow the procedure. At the end, explorer will show a folder containing up-to-date ISO image of Rescue Disk --> Burn it on blank CD and boot --> Run complete computer scan. It is Linux based Boot CD.

    If the above procedure is not possible (whatever the reason), then download Kaspersky Rescue Disk. It is slightly outdated. Burn it on a blank CD and boot. Run a complete system scan. It should clean most (remember! it is not up-to-date) of those nasty things without messing up your OS+Data.
    freebird_9924 and Mussels say thanks.
  10. TheLaughingMan

    TheLaughingMan

    Joined:
    May 7, 2009
    Messages:
    5,067 (2.68/day)
    Thanks Received:
    1,292
    Location:
    Marietta, GA USA
    Simple. Virus scanners and virus programs are reactive, not proactive. This means the virus will come out and infect computers, unfortunately yours, and then the virus scanners will be updated to handle the new threat. It is the nature of the game and applies to all virus scanners.

    Find an anti-virus program that is updated frequently, does active scans of recently used files, and does some kind of spyware blocking (separate program if needed). It's the best you can do.

    I recommend AVG, NOD32 is good, and Clam Windows edition. I also agree with Mussels. Restart the system in safe mode, run a full system scan using CCleaner, then your anti-virus program, then your anti-spyware program. Or format away.
  11. Boyfriend New Member

    Joined:
    Nov 30, 2008
    Messages:
    160 (0.08/day)
    Thanks Received:
    34
    Isn't it better to run a single solution (I recommend Kaspersky) than AVG+NOD32+Clam AV?
  12. TheLaughingMan

    TheLaughingMan

    Joined:
    May 7, 2009
    Messages:
    5,067 (2.68/day)
    Thanks Received:
    1,292
    Location:
    Marietta, GA USA
    Kinda meant one or the other. I was just throwing out some different ones I have used and think work well.

    To answer the question, yes. Anti-virus programs don't play nice. I have had several occasions where friends would have 2 or 3, and one would call the other a virus due to the number of files it "accessed" matching a keylogger.
  13. Boyfriend New Member

    Joined:
    Nov 30, 2008
    Messages:
    160 (0.08/day)
    Thanks Received:
    34
    First: A virus and a keylogger are different things.
    Second: Although an infected system can be cleaned in safe mode (full admin mode with only the necessary drivers), remember that many viruses are now aware of safe mode and can continue executing in safe mode and hinder removal. The only remaining method, which is the best, is to boot into another OS (boot CD) and do the cleaning, and for this purpose I have found the Kaspersky Boot CD very effective and efficient (I have tested Panda BootCD, Avira BootCD, Eset SysRescue). If anyone finds the Kaspersky 2010 Boot CD difficult to use, then install the Kaspersky 2009 edition and make a BartPE (Windows XP based) boot CD containing Kaspersky AV. That CD can be updated over the internet in real time and also gives you more options and accessibility.
  14. Mussels

    Mussels Moderprator Staff Member

    Joined:
    Oct 6, 2004
    Messages:
    41,942 (11.76/day)
    Thanks Received:
    9,364
    Could you link to the Kaspersky boot CD, or some instructions for it? I wasn't even aware it existed.
  15. TheLaughingMan

    TheLaughingMan

    Joined:
    May 7, 2009
    Messages:
    5,067 (2.68/day)
    Thanks Received:
    1,292
    Location:
    Marietta, GA USA
    I know, but most virus scanners search for more than just viruses. And in this case it was an obvious mistake by one virus scanner calling the other's e-mail scanner a keylogger. In the end, it's usually not a smart thing to have 2 or 3 different anti-virus programs running at once.

    Safe mode takes no additional effort other than a simple restart, so it is always a good thing to try first; however, running a scanner from a bootable CD is a good alternative to an OS reinstall.
  16. freebird_9924

    Joined:
    Jan 27, 2007
    Messages:
    542 (0.20/day)
    Thanks Received:
    8
    Location:
    India
    Scanned reports - Showing rootkit virus

    I've scanned using both BitDefender and Malwarebytes.
    They are showing a rootkit virus but not deleting it on the next reboot.

    Any way to remove this rootkit virus?


    Check the attached screenshot and Malwarebytes reports.


  17. i789 New Member

    Joined:
    Sep 29, 2009
    Messages:
    145 (0.08/day)
    Thanks Received:
    12
    Location:
    point roberts, wa
    Usually a rootkit "virus" is hard to remove, and sometimes even though you apparently remove the infected files, the backdoors it creates still remain open afterwards. Whoever is in control of this rootkit still has access to these backdoors, and your system is still compromised even though you removed the "infected files". I would suggest you use either Icesword or Rootkitrevealer to check the condition of your system. To be honest, if your OS kernel is compromised, you may want to just back up everything and nuke this system so no one can access your system through backdoors anymore. Let me know if you need any help ;)
  18. freebird_9924

    Joined:
    Jan 27, 2007
    Messages:
    542 (0.20/day)
    Thanks Received:
    8
    Location:
    India
    Oops. :(

    Can't I remove the rootkit virus any other way?
  19. dir_d

    dir_d

    Joined:
    Sep 1, 2009
    Messages:
    848 (0.48/day)
    Thanks Received:
    110
    Location:
    Manteca, Ca
    There's one program that's super strong, but before I'd use it I would back up EVERYTHING! It's called ComboFix. I've had a rootkit before and it got rid of every trace of it.
  20. Asylum

    Asylum

    Joined:
    Jul 18, 2008
    Messages:
    2,786 (1.27/day)
    Thanks Received:
    660
    Location:
    South Carolina
    Ever heard of a reformat?
    The ultimate virus killer.
  21. freebird_9924

    Joined:
    Jan 27, 2007
    Messages:
    542 (0.20/day)
    Thanks Received:
    8
    Location:
    India


    Will the latest Kaspersky or BitDefender rescue CD work?

    I don't want to format my HDD and reinstall Windows.
  22. THRiLL KiLL

    THRiLL KiLL

    Joined:
    Oct 26, 2009
    Messages:
    711 (0.41/day)
    Thanks Received:
    140
    Location:
    Seattle
  23. freebird_9924

    Joined:
    Jan 27, 2007
    Messages:
    542 (0.20/day)
    Thanks Received:
    8
    Location:
    India
    Thanks.

    But for manual removal, I'm not able to find the files and processes they mentioned among my processes/files.

    The files which are infected on my laptop are in my post above, with the BitDefender screenshot and Malwarebytes log.

    Please tell me what to do.
  24. THRiLL KiLL

    THRiLL KiLL

    Joined:
    Oct 26, 2009
    Messages:
    711 (0.41/day)
    Thanks Received:
    140
    Location:
    Seattle
  25. Steevo

    Steevo

    Joined:
    Nov 4, 2005
    Messages:
    8,107 (2.55/day)
    Thanks Received:
    1,123
    Submit a HijackThis report please. If HijackThis won't run, then rename the file to something else and run it.
    10 Million points folded for TPU
