Gizmos Freeware Reviews  

11. Sep 2010, 11:00 PM   #1
Member
Join Date: Sep 2010
Posts: 19
Help with Virus(es)?

I'm not sure if this is the right place to put this thread or not, so bear with me.

I was offline for several months until a few days ago when I reconnected to the internet. As soon as I did, I updated my anti-virus, which immediately spotted 2 trojans - Vundo and agent2.crwg.
No matter whether I asked Avira to delete them, quarantine them, or deny them access, nothing happened. I would just get another security alert that would pop up again every few seconds as long as my anti-virus was active. My PC crashed every time I tried to start Firefox until I disabled my anti-virus.

I ran a full scan, and allowed my anti-virus to do a reboot and delete the software securely then. It didn't work. So now the only way I can get on the net, or do anything with my PC, is by disabling my anti-virus, which is obviously not a good thing.

Can anyone help?
Resung

11. Sep 2010, 11:14 PM   #2
Been Here Since the Begin
Join Date: Apr 2008
Location: Colorado, USA
Posts: 2,333

If possible, download and run HitmanPro. Also, if possible, run the online scan called HouseCall by Trend Micro.
__________________
<-------Just jammin to some music....
kendall.a

12. Sep 2010, 01:46 AM   #3
Senior Member
Join Date: Feb 2010
Location: Bangalore
Posts: 183

1. You can try MBAM (http://download.cnet.com/Malwarebyte...10804572.html). Once installed and updated, log into Safe Mode and run a complete scan; that should help.

If the download or update is failing, log into Safe Mode with Networking and try there.

2. You can try this: http://www.symantec.com/security_res...112210-3747-99

3. A little complicated: antivirus boot CDs. You may need another system to create the CD.
To download: http://www.avg.com/ie-en/avg-rescue-cd
Help video (click on "How to remove some infection using AVG Rescue CD"): http://www.avg.com/ie-en/tutorials
__________________
Relativity applies to physics, not ethics...
tushR

12. Sep 2010, 07:49 AM   #4
Super Moderator
Join Date: Jul 2008
Location: India
Posts: 15,311

Welcome to the forum, Resung.

I had encountered such a situation on my cousin's PC some months ago, where an infected pen drive had infected the computer, and Avast kept throwing alerts of a virus in the system, but was not able to remove it. I had to scan the PC with multiple security software in order to get the system right. I think here too, the situation requires that.

I would advise downloading this software: HitmanPro, MalwareBytes Antimalware, SuperAntiSpyware.

Download them, and update their definitions. If the virus prevents running their installers, then try changing their setup name to something else, and then run them. After they are installed, update their definitions. HitmanPro will update itself after installation.

If you have any problems updating, or scanning them, then boot into Safe Mode, and then try again.

First scan with HitmanPro. It has removal capabilities for the first 30 days, so it should find and remove malware.

After that scan with MBAM, and then SAS.

If you have doubt about any file that should not be removed, Google about it.

After scanning with the above, even if the scans and removals are successful, I would advise scanning the PC with an online scanner. I have found TrendMicro HouseCall to be excellent. It will require you to download a small exe, and when you run it, HouseCall will take some time to update itself, and then start the scan. As it's an online scan, it might take some time, so let it run.

You can try Kaspersky Online Scanner too.

If even after all this, the virus problem still remains, then I would advise posting about this on a forum like bleepingcomputer.com, or MBAM's forum, where security experts can guide you.
__________________
Anupam
Anupam

12. Sep 2010, 11:51 AM   #5
Senior Member
Join Date: Apr 2008
Location: Planet Earth
Posts: 1,379

Quote:
I was offline for several months until a few days ago when I reconnected to the internet.
I find this statement a little suspicious. How can anyone survive several months without being able to visit Gizmo's Freeware?

Seriously, I give a second vote (or third if you are keeping count) for using Hitman Pro. But do be careful with it. It uses 4 or 5 different antivirus engines, three of which, if I remember correctly, are known for quite high rates of false positives. It doesn't hurt to double check any files it finds by uploading the files to virustotal.com. Of course, virustotal will also show positive results too because it uses 40+ antivirus engines including the same ones Hitman Pro uses. But if only one or so shows a positive, it could be a false positive.

It seems that quite a number of people have reported false positives with computer manufacturers' preloaded software. I think I read that Toshiba and Dell software were the main ones affected, and several people lost functionality after indiscriminately allowing Hitman Pro to fix problems.

The nice thing about Hitman is that it can be set to remove viruses after a reboot and before the operating system loads. That way it is able to remove some deeply embedded viruses that are otherwise very difficult to get rid of.
__________________
The smallest good deed is better than the greatest intention.
Ritho

12. Sep 2010, 08:06 PM   #6
Member
Join Date: Sep 2010
Posts: 19

Thanks for the suggestions. I'm going to give Hitman Pro a try, then MBAM, then SAS, as Anupam suggests, then get back to you with the results.
Resung

12. Sep 2010, 09:17 PM   #7
Member
Join Date: Sep 2010
Posts: 19

On the downside, I forgot to unclick one of the recommendations for delete by Hitman Pro and have now deleted my atapi.sys file, which from what I've read means my PC will no longer boot once I turn it off. So my next reply may be a while in coming since my Windows installation CD is back at my parents' place...

Not been my week so far.
Resung

13. Sep 2010, 03:25 AM   #8
Senior Member
Join Date: Apr 2008
Location: Planet Earth
Posts: 1,379

From my understanding, Hitman won't just delete an infected file like atapi.sys since it is a native Windows file, but instead will attempt to replace it with a good copy of the file, if it can be found on the system. If it can't find a replacement, it is supposed to just leave it and warn you.
__________________
The smallest good deed is better than the greatest intention.
Ritho