• We've upgraded our forums. Please post any issues/requests in this thread.

Trojan/Virus - Can't remove, cant install programs, can't backup folders

Joined
May 17, 2007
Messages
461 (0.12/day)
Likes
41
Location
United Kingdom
Processor I5-4670k @ 4ghz
Motherboard Asrock Z87 Extreme 4
Cooling Hyper 212 Evo
Memory Gskill 2133mhz - 8gb
Video Card(s) Evga 970 GTX FTW
Storage Samsung 840 Pro 256gb
Display(s) Samsung 22" B2230
Case NZXT 410 Phantom
Audio Device(s) Motherboard Onboard
Power Supply Corsair Gaming Series 700w
Software Windows 7 64-bit
#1
Hey everyone, today me AND my brother both received the same virus at the same time, bascialy what it does it keeps refreshing windows using explorer, restarting all programs, like sound ect, so you can't do nothing.

I cant install programs, so i cant install anti virus, i get about 10 seconds to access local disk ect. I ran an online virus scan, it found the virus but it couldn't remove it. And i cant install other virus scanner's so im stuck on what to do, and because it keeps refreshing, i can't move my folders onto my external hardrive and reformat.

Does anyone have any advice on what i should do? i only have a few folders i really don't want to lose, and does anyone know where this virus came from? i hardly download anything, and today all i did was play call of duty, So how i got this virus i have no clue, and i'd like to avoid getting it again.

Edit: All i seem to be able to do is use firefox, and even then it blocks me using google to search for fixes, all i can access is my bookmarks (favourites) and that's how i got here!
 

Namslas90

New Member
Joined
Aug 27, 2006
Messages
4,846 (1.18/day)
Likes
535
Location
Earth
Processor AMD PII 940
Motherboard Biostar TA790GXB3
Cooling Custom Air
Memory 4GB G.SKILL (2x2)
Video Card(s) ASUS Radeon HD 5970
Storage 2X32GB ST SSd R0 + WD500GB storage
Display(s) Asus 22" Widescreen
Case Thermaltake V9 BE
Power Supply PCP&C 750 Silencer
#2
Joined
May 17, 2007
Messages
461 (0.12/day)
Likes
41
Location
United Kingdom
Processor I5-4670k @ 4ghz
Motherboard Asrock Z87 Extreme 4
Cooling Hyper 212 Evo
Memory Gskill 2133mhz - 8gb
Video Card(s) Evga 970 GTX FTW
Storage Samsung 840 Pro 256gb
Display(s) Samsung 22" B2230
Case NZXT 410 Phantom
Audio Device(s) Motherboard Onboard
Power Supply Corsair Gaming Series 700w
Software Windows 7 64-bit
#3

Namslas90

New Member
Joined
Aug 27, 2006
Messages
4,846 (1.18/day)
Likes
535
Location
Earth
Processor AMD PII 940
Motherboard Biostar TA790GXB3
Cooling Custom Air
Memory 4GB G.SKILL (2x2)
Video Card(s) ASUS Radeon HD 5970
Storage 2X32GB ST SSd R0 + WD500GB storage
Display(s) Asus 22" Widescreen
Case Thermaltake V9 BE
Power Supply PCP&C 750 Silencer
#4
Hey, thanks for the suggestion, but i cant install any programs because it keeps refreshing every 10~ seconds :mad:
Try putting in your windows CD - reboot and follow the screens untill you can press "R" and recover windows.
:toast:
 
Joined
May 17, 2007
Messages
461 (0.12/day)
Likes
41
Location
United Kingdom
Processor I5-4670k @ 4ghz
Motherboard Asrock Z87 Extreme 4
Cooling Hyper 212 Evo
Memory Gskill 2133mhz - 8gb
Video Card(s) Evga 970 GTX FTW
Storage Samsung 840 Pro 256gb
Display(s) Samsung 22" B2230
Case NZXT 410 Phantom
Audio Device(s) Motherboard Onboard
Power Supply Corsair Gaming Series 700w
Software Windows 7 64-bit
#5
Hey guys, i tried all sorts of different things with no luck, that virus was just a pain in the ass, i was struggling to come up with a idea to backup my files, even though i couldn't use my external or anything.

So i uploaded all my files to filefront, and reformatted and then redownloaded them, seemed to work for me, still a pain to do that though, but thanks for your help, and if anyone has any idea where this virus is coming from (3 people in my family have already had it, all today) i'd really appreciate it, i don't want that bugger again.
 

ASRockIQ

New Member
Joined
Dec 9, 2008
Messages
948 (0.29/day)
Likes
62
Location
Daphne, AL
System Name Watermark
Processor Athlon II X4 620 @3.3GHZ V1.4250
Motherboard ASRock A780GXE/128
Cooling XIGMATEK HDT-S963 | 4 Blue LED 120mm Fans 1 Regular 120mm
Memory G.SKILL 4GB (2 x 2GB) @850MHZ
Video Card(s) Sapphire 6850 1GB (@stock)
Storage 320GB OS | 160GB Storage
Display(s) ASUS VH236H 23" 1920x1080
Case COOLER MASTER Centurion 590 (With Side Panel Window)
Audio Device(s) Onboard
Power Supply Rosewill 600W 12V Rail@44
Software Windows 7 Ultimate 64-Bit Edition
#6
umm... your parents or anyone else in the family didn't open up any ADs or E-mails that they were unaware of? didn't download any files or programs that they were also unaware of?
 
Joined
Dec 27, 2007
Messages
8,506 (2.34/day)
Likes
2,072
Location
Kansas City
System Name The Dove Box Rev 2.0
Processor I7 5930k
Motherboard Asus X99
Cooling Custom water loop
Memory 4 x 4GB 3000 MHz DDR4
Video Card(s) 2x MSI 780 Ti's in SLI
Storage 500GB Samsung 850 PCIe SSD, 2x1TB WD Blacks, 1.2TB NAS
Display(s) 27" Asus 144Hz
Case Enermax Fulmo GT
Audio Device(s) ON BOARD FTW
Power Supply Thermaltake Toughpower 850W
Keyboard Logitech G510
Software Win 10 64x
#7
Boot into safe mode and kill it!

Do you know where the exe is located? Check your running apps in Task Manager and google/write down to see which one it is. Generally you'll find the one that needs killed.
 
Joined
May 17, 2007
Messages
461 (0.12/day)
Likes
41
Location
United Kingdom
Processor I5-4670k @ 4ghz
Motherboard Asrock Z87 Extreme 4
Cooling Hyper 212 Evo
Memory Gskill 2133mhz - 8gb
Video Card(s) Evga 970 GTX FTW
Storage Samsung 840 Pro 256gb
Display(s) Samsung 22" B2230
Case NZXT 410 Phantom
Audio Device(s) Motherboard Onboard
Power Supply Corsair Gaming Series 700w
Software Windows 7 64-bit
#8
Thanks for your answer guys, i can't check now however since i reformatted, but i knew it was in local settings, but the virus was a smart bastard and removed the option to see hidden files, and the ability to edit your registery, so there was no way to see them. I had loads of weird exe's in local disk, which would just reappear if deleted, the main source was in local settings.

And yes, maybe someone in my family did open up a virus, would it still spread to me though? even though it's not the same computer?
 
Joined
Dec 27, 2007
Messages
8,506 (2.34/day)
Likes
2,072
Location
Kansas City
System Name The Dove Box Rev 2.0
Processor I7 5930k
Motherboard Asus X99
Cooling Custom water loop
Memory 4 x 4GB 3000 MHz DDR4
Video Card(s) 2x MSI 780 Ti's in SLI
Storage 500GB Samsung 850 PCIe SSD, 2x1TB WD Blacks, 1.2TB NAS
Display(s) 27" Asus 144Hz
Case Enermax Fulmo GT
Audio Device(s) ON BOARD FTW
Power Supply Thermaltake Toughpower 850W
Keyboard Logitech G510
Software Win 10 64x
#9
Reformat, the best option for Virus's.

The one virus I hate is where it says you have 126 pron images on your computer and wants you to use this "free" program to clean the computer. Takes over your browser and sets you home page to some crap. My wife clicked on an ad that said "Your computer has xxx material, click here to remove it" She got suckered in and it jacked up the comp for like two weeks. I killed it in safe mode and all is good.
 
Joined
Jun 2, 2007
Messages
5,105 (1.33/day)
Likes
1,249
Location
Kansas
Processor Core i5 3570K
Motherboard AsRock z77 Pro4
Cooling Zalman CNPS10X Extreme
Memory 2x4GB GSkill Sniper
Video Card(s) MSI GTX970 Gaming
Storage 240GB OCZ ARC 100, Samsung Spinpoint F3 1TB
Display(s) LG 23" 1920x1080
Case Antec P100
Audio Device(s) Onboard
Power Supply Antec Edge 750W
Software Windows 8.1 Pro 64
#10
I just reformatted a lady's comp today that had "AntiVirus 2009" in it. That bitch was nasty.
 
Joined
Dec 27, 2007
Messages
8,506 (2.34/day)
Likes
2,072
Location
Kansas City
System Name The Dove Box Rev 2.0
Processor I7 5930k
Motherboard Asus X99
Cooling Custom water loop
Memory 4 x 4GB 3000 MHz DDR4
Video Card(s) 2x MSI 780 Ti's in SLI
Storage 500GB Samsung 850 PCIe SSD, 2x1TB WD Blacks, 1.2TB NAS
Display(s) 27" Asus 144Hz
Case Enermax Fulmo GT
Audio Device(s) ON BOARD FTW
Power Supply Thermaltake Toughpower 850W
Keyboard Logitech G510
Software Win 10 64x
#11
Joined
May 30, 2006
Messages
7,626 (1.81/day)
Likes
855
Location
TX, USA
Processor Intel i7 4770K
Motherboard Asrock
Cooling Water
Memory Team Xtreem LV 16GB (2x8GB)
Video Card(s) EK Full WB HD7970
Display(s) CROSSOVER 27Q LED-P 27"
Case Danger Den Torture Rack
Audio Device(s) Onboard
Power Supply CORSAIR Professional Series Gold AX1200
Software W 10 Pro
#12
I just reformatted a lady's comp today that had "AntiVirus 2009" in it. That bitch was nasty.
yeah thats the one thats been going around it even pops up with nod :wtf:

i took it off my laptop then it had another one when i came down for x-mas i restored it to an earlier date seemed to fix it was going to reinstall but it seem to working okay now
 
Joined
Oct 27, 2008
Messages
2,212 (0.66/day)
Likes
1,605
Location
Look up. Look way up.
System Name Ultimate Vortex II // Ultimite Vortex
Processor AMD FX 8150 Black @ 4.5Ghz // 1055T@ 3.2Ghz
Motherboard Asus Crosshair IV Extreme // Asus M4A89TD PRO/USB3
Cooling CNPS 9900 MAX Red Led//Thermaltake Big Typhoon VX
Memory Corsair Vengeance (2x4Gb) @ 1866 Mhz, 1.5v//Corsair XMS3 Classic (2x4GB) DDR3 @1667Mhz
Video Card(s) Sapphire Radeon HD 7970//Sapphire Radeon HD 6870
Storage Corsair Force 3 90Gb SSD (OS &Games) - WD Caviar Blue 500 GB (Data) // WD Caviar Blue 320 GB
Display(s) LG 22in W2242TQ Black 1680x1050 LCD // Teamviewer to check on UltimateVortex
Case CoolerMaster HAF 932 Advanced//CoolerMaster CM 690 w/8 x 120 mm fans
Audio Device(s) Onboard Realtek 8Ch. w/Logitech Z-5500 500W Surround Awesomeness!
Power Supply Coolermaster Silent Pro 850W// OCZ GameXstream 600w
Software Windows 7 x64
#13
If you're running a microsoft OS, an anti-virus program is a must. Install one, schedule it to update daily and scan daily. I cannot stress this enough!! Then you should never have a problem.

I run AVG Free. The antivirus only. It works for me and I never have problems. :cool:
 

ASRockIQ

New Member
Joined
Dec 9, 2008
Messages
948 (0.29/day)
Likes
62
Location
Daphne, AL
System Name Watermark
Processor Athlon II X4 620 @3.3GHZ V1.4250
Motherboard ASRock A780GXE/128
Cooling XIGMATEK HDT-S963 | 4 Blue LED 120mm Fans 1 Regular 120mm
Memory G.SKILL 4GB (2 x 2GB) @850MHZ
Video Card(s) Sapphire 6850 1GB (@stock)
Storage 320GB OS | 160GB Storage
Display(s) ASUS VH236H 23" 1920x1080
Case COOLER MASTER Centurion 590 (With Side Panel Window)
Audio Device(s) Onboard
Power Supply Rosewill 600W 12V Rail@44
Software Windows 7 Ultimate 64-Bit Edition
#14
a reformat just for that Anti 2009 thing ha! did you try Spybot, SUPERAnti-Spyware, and Malwarebytes' to clean it all out? worked for me on my Grandpa's Computer.

OP - a virus can spread to one computer to another on a protected and non-protected network but it's un-likely to spread through a protected one.
 

goober

New Member
Joined
Apr 12, 2006
Messages
245 (0.06/day)
Likes
10
Location
Florida
Processor Intel Core i7-2600K
Motherboard MSI
Memory 8 GB Mushkin
Video Card(s) Nvidia 560ti
Storage Seagate 1TB, Seagate 320GB
Display(s) 25" Hannspree 1920x1080 and 22" LG 1680x1050
Case Cooler Master
Power Supply 750 Watt Corsair
Software Windows 8 Pro NFR
#15
What about www.finallyfast.com I see they actually install malware to make you think you have all these issues and then you pay to get "fixed" :roll: I hate those stupid commercials

http://www.youtube.com/watch?v=In9jCKDcaf0
i think its helarious that they show the mac's blue screening and stuff like that. lol OMG YOUR MAC HAS A VIRUS QUICK PAY 50 DOLLARS TO REMOVE IT!!!

lol for shits and giggles i downloaded the app for finallyfast.com and nod32 popped up and sayed it was this (Win32/Adware.Ascentive application) cleaned by quarantine
 
Last edited:
Joined
Dec 27, 2007
Messages
8,506 (2.34/day)
Likes
2,072
Location
Kansas City
System Name The Dove Box Rev 2.0
Processor I7 5930k
Motherboard Asus X99
Cooling Custom water loop
Memory 4 x 4GB 3000 MHz DDR4
Video Card(s) 2x MSI 780 Ti's in SLI
Storage 500GB Samsung 850 PCIe SSD, 2x1TB WD Blacks, 1.2TB NAS
Display(s) 27" Asus 144Hz
Case Enermax Fulmo GT
Audio Device(s) ON BOARD FTW
Power Supply Thermaltake Toughpower 850W
Keyboard Logitech G510
Software Win 10 64x
#16
i think its helarious that they show the mac's blue screening and stuff like that. lol OMG YOUR MAC HAS A VIRUS QUICK PAY 50 DOLLARS TO REMOVE IT!!!
Yeah I saw that too.

I guess by removing unused registry keys on my Mac I can download 375% faster? :confused:

That makes no sense at all :shadedshu Turns out this and regcure are both sucker pay programs that actually install malware to give false positives. Funny that places like this actually make money taking advantage of people.
 

ASRockIQ

New Member
Joined
Dec 9, 2008
Messages
948 (0.29/day)
Likes
62
Location
Daphne, AL
System Name Watermark
Processor Athlon II X4 620 @3.3GHZ V1.4250
Motherboard ASRock A780GXE/128
Cooling XIGMATEK HDT-S963 | 4 Blue LED 120mm Fans 1 Regular 120mm
Memory G.SKILL 4GB (2 x 2GB) @850MHZ
Video Card(s) Sapphire 6850 1GB (@stock)
Storage 320GB OS | 160GB Storage
Display(s) ASUS VH236H 23" 1920x1080
Case COOLER MASTER Centurion 590 (With Side Panel Window)
Audio Device(s) Onboard
Power Supply Rosewill 600W 12V Rail@44
Software Windows 7 Ultimate 64-Bit Edition
#17
why pay for something when something free can do better? :laugh:
 
Joined
Dec 27, 2007
Messages
8,506 (2.34/day)
Likes
2,072
Location
Kansas City
System Name The Dove Box Rev 2.0
Processor I7 5930k
Motherboard Asus X99
Cooling Custom water loop
Memory 4 x 4GB 3000 MHz DDR4
Video Card(s) 2x MSI 780 Ti's in SLI
Storage 500GB Samsung 850 PCIe SSD, 2x1TB WD Blacks, 1.2TB NAS
Display(s) 27" Asus 144Hz
Case Enermax Fulmo GT
Audio Device(s) ON BOARD FTW
Power Supply Thermaltake Toughpower 850W
Keyboard Logitech G510
Software Win 10 64x
#18
why pay for something when something free can do better? :laugh:
Why pay for something when you can do it(not indented at you Asrock)? It just takes a bit of knowledge to do what these scam sites are pulling off.
 
Joined
Sep 23, 2008
Messages
96 (0.03/day)
Likes
9
Location
NY
System Name OMI SAGITTA X2 ////2009 RIG
Processor AMD Athlon 64 X2 6000+ Windsor 3.2GHz(3330GHz
Motherboard Foxconn A7GM-S AM2+/AM2 AMD 780G
Cooling XIGMATEK HDT-S963 +120mm Blue & 120mm Silent Fan
Memory PNY OPTIMA 3GB DDR2 800MHz
Video Card(s) DIAMOND RADEON HD 4850 512MB GDDR3
Storage WDC 320GB 7200RPM SATA//WDC GP OR Green 500G SATA
Display(s) DELL 20" HC WIDESCREEN LCD
Case RAIDMAX SAGITTA 2 ATX-928WB Black
Audio Device(s) WHY?:) MY BUILT IN HDMI + 7.1 DD IS ENOUGH
Power Supply Sunbeam PSU-HUSH680-US-BL 680W ATX 12V 2.0
Software Microsoft Windows XP HOME//Windows 7 2010
Benchmark Scores 10847 3DMarks@3300Mhz*220
#19
Boot into safe mode and kill it!

Do you know where the exe is located? Check your running apps in Task Manager and google/write down to see which one it is. Generally you'll find the one that needs killed.
yeah safe mode should do it just press f8 before windows load and choose safe mode network
 

ASRockIQ

New Member
Joined
Dec 9, 2008
Messages
948 (0.29/day)
Likes
62
Location
Daphne, AL
System Name Watermark
Processor Athlon II X4 620 @3.3GHZ V1.4250
Motherboard ASRock A780GXE/128
Cooling XIGMATEK HDT-S963 | 4 Blue LED 120mm Fans 1 Regular 120mm
Memory G.SKILL 4GB (2 x 2GB) @850MHZ
Video Card(s) Sapphire 6850 1GB (@stock)
Storage 320GB OS | 160GB Storage
Display(s) ASUS VH236H 23" 1920x1080
Case COOLER MASTER Centurion 590 (With Side Panel Window)
Audio Device(s) Onboard
Power Supply Rosewill 600W 12V Rail@44
Software Windows 7 Ultimate 64-Bit Edition
#20
Why pay for something when you can do it(not indented at you Asrock)? It just takes a bit of knowledge to do what these scam sites are pulling off.
boy, i deal with computers that are madly infected and sometime it takes me a few tries to remove them. most people at my school ask me for help on everything. it's stressful :twitch:

yeah safe mode should do it just press f8 before windows load and choose safe mode network
not if the Virus prevents from booting there. had some viruses do that to me.
 
Joined
Dec 27, 2007
Messages
8,506 (2.34/day)
Likes
2,072
Location
Kansas City
System Name The Dove Box Rev 2.0
Processor I7 5930k
Motherboard Asus X99
Cooling Custom water loop
Memory 4 x 4GB 3000 MHz DDR4
Video Card(s) 2x MSI 780 Ti's in SLI
Storage 500GB Samsung 850 PCIe SSD, 2x1TB WD Blacks, 1.2TB NAS
Display(s) 27" Asus 144Hz
Case Enermax Fulmo GT
Audio Device(s) ON BOARD FTW
Power Supply Thermaltake Toughpower 850W
Keyboard Logitech G510
Software Win 10 64x
#21
boy, i deal with computers that are madly infected and sometime it takes me a few tries to remove them. most people at my school ask me for help on everything. it's stressful :twitch:
Niiiiiiiiice
Internet High Five:
 
Joined
May 17, 2007
Messages
461 (0.12/day)
Likes
41
Location
United Kingdom
Processor I5-4670k @ 4ghz
Motherboard Asrock Z87 Extreme 4
Cooling Hyper 212 Evo
Memory Gskill 2133mhz - 8gb
Video Card(s) Evga 970 GTX FTW
Storage Samsung 840 Pro 256gb
Display(s) Samsung 22" B2230
Case NZXT 410 Phantom
Audio Device(s) Motherboard Onboard
Power Supply Corsair Gaming Series 700w
Software Windows 7 64-bit
#22
Hehe, it wouldn't actuley work in safe mode, it still did the same thing, kept refreshing, and yes i also had that antivirus 2009 one, luckily i managed to get red of that one, this one however was even worse, i only seem to get the really annoying virus's cause there the only ones which manage to get in.

I got the antivirus 2009 from a site, i accidently clicked a popup and it gave me it!
 
Joined
Oct 27, 2008
Messages
2,212 (0.66/day)
Likes
1,605
Location
Look up. Look way up.
System Name Ultimate Vortex II // Ultimite Vortex
Processor AMD FX 8150 Black @ 4.5Ghz // 1055T@ 3.2Ghz
Motherboard Asus Crosshair IV Extreme // Asus M4A89TD PRO/USB3
Cooling CNPS 9900 MAX Red Led//Thermaltake Big Typhoon VX
Memory Corsair Vengeance (2x4Gb) @ 1866 Mhz, 1.5v//Corsair XMS3 Classic (2x4GB) DDR3 @1667Mhz
Video Card(s) Sapphire Radeon HD 7970//Sapphire Radeon HD 6870
Storage Corsair Force 3 90Gb SSD (OS &Games) - WD Caviar Blue 500 GB (Data) // WD Caviar Blue 320 GB
Display(s) LG 22in W2242TQ Black 1680x1050 LCD // Teamviewer to check on UltimateVortex
Case CoolerMaster HAF 932 Advanced//CoolerMaster CM 690 w/8 x 120 mm fans
Audio Device(s) Onboard Realtek 8Ch. w/Logitech Z-5500 500W Surround Awesomeness!
Power Supply Coolermaster Silent Pro 850W// OCZ GameXstream 600w
Software Windows 7 x64
#23
Hehe, it wouldn't actuley work in safe mode, it still did the same thing, kept refreshing, and yes i also had that antivirus 2009 one, luckily i managed to get red of that one, this one however was even worse, i only seem to get the really annoying virus's cause there the only ones which manage to get in.

I got the antivirus 2009 from a site, i accidently clicked a popup and it gave me it!
Hi Kusimeka,

As I mentioned in an earlier post, if you are running a Microsoft OS (and you are), it would be wise to install an antivirus software. Microsoft OS's are the target of viruses more than any other OS's and come under attack the most. I see your running MS XP Pro. A good AV software is AVG free. It is an Anti-virus software that is not a resource hog (unlike Norton amongst others), it's what I use and it has caught everything on my computer for the last 5 years; I have never had a problem. I can't remember the last time I had to format. You can download it here: http://free.avg.com/

Install only the basic anti-virus (I don't use the spyware/adware feature because I use spybot for that) schedule it to update and scan daily when your computer is idle (mine does this while I sleep) and I would be willing to bet that you will never have a problem again.

Cheers!
 
Joined
Jun 2, 2007
Messages
5,105 (1.33/day)
Likes
1,249
Location
Kansas
Processor Core i5 3570K
Motherboard AsRock z77 Pro4
Cooling Zalman CNPS10X Extreme
Memory 2x4GB GSkill Sniper
Video Card(s) MSI GTX970 Gaming
Storage 240GB OCZ ARC 100, Samsung Spinpoint F3 1TB
Display(s) LG 23" 1920x1080
Case Antec P100
Audio Device(s) Onboard
Power Supply Antec Edge 750W
Software Windows 8.1 Pro 64
#24
a reformat just for that Anti 2009 thing ha! did you try Spybot, SUPERAnti-Spyware, and Malwarebytes' to clean it all out? worked for me on my Grandpa's Computer.

OP - a virus can spread to one computer to another on a protected and non-protected network but it's un-likely to spread through a protected one.
I used all of those plus a few others and it kept coming back. She needed a reformat anyways; She'd had that comp 3 years without one.:eek: