Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Your system is infected message
Options
-
14-08-2009 11:06am#1Hi i'll give a little background:
I use Avira Antivirus software for virus protection when online.
Recently someone at home clicked some link and the antivirus program started detecting loads of trojan viruses and askin to either delete or quarantine these etc. So I clicked delete on all of those - but I think it was too late as a big red x was appearing in the corner of the screen and a message came up saying windows is infected click here to install something that will help it - so clicking there was doing nothing (possibly the message was the virus itself) and i ran a full system scan which found nothing.
Then I installed the latest version of antivirus but as computer froze i just turned it off.
When i turned it on windows failed to start and a message asked do you want to go back to the last time it was all working fine? I clicked that and windows loaded and a message in the corner said malicious software has been removed?
Also a warning that the firewall is turned off - so i turned it on.
Then i started another full system scan and decided to turn on the internet, 30 seconds later that message came up again that your computer is infected and the firewall is turned off! so I shut off the internet connection and the system scan found 7 viruses all of which were moved to quarantine and then i deleted them.
Any good antivirus software that you guys know of that I could run to catch this thing? I don't think the virus is gone yet
0
Comments
-
-
-
Hi again,
I've tried malwarebytes - it is very good for the detections now i have to say. It solved the problem temporarily - until i turned on the internet and the can of worms opened up again.
There is some executable virus in the system folder which i cannot remove.
Everytime i do it appears again
The trojan horses that get in once i turn on the internet disable any security features - firewall etc and kill the antivirus program
I guess there isnt anything left but to get the backup disk and reboot the whole thing?0 -
hi
Please download ComboFix from Here or Here to your Desktop.
**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**- If you are using Firefox, make sure that your download settings are as follows:
- Tools->Options->Main tab
- Set to "Always ask me where to Save the files".
- During the download, rename Combofix to Combo-Fix as follows:
- It is important you rename Combofix during the download, but not after.
- Please do not rename Combofix to other names, but only to the one indicated.
- Close any open browsers.
- Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
- Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
- Close any open browsers.
- WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
- Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
- If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
- Double click on combo-Fix.exe & follow the prompts.
- When finished, it will produce a report for you.
- Please post the "C:\Combo-Fix.txt" for further review.
0 - If you are using Firefox, make sure that your download settings are as follows:
-
-
Advertisement
-
minxie make your own topic please
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and copy/paste the text in the quotebox below into it:File::
FCopy::
c:\windows\system32\dllcache\beep.sys | c:\windows\system32\drivers\beep.sys
KillAll::
Folder::
Registry::
Driver::
Save this as CFScript.txt, in the same location as ComboFix.exe
Refering to the picture above, drag CFScript into ComboFix.exe
When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
Please download OTM- Save it to your desktop.
- Please double-click OTM to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
- Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
:Processes :Services :Reg :Files c:\windows\system32\SET*.tmp :Commands [purity] [emptytemp] [Reboot]
- Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
- Click the red Moveit! button.
- Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
- Close OTM and reboot your PC.
0 -
-
-
-
-
Advertisement
Advertisement