Jump to content

I've got some weird virus i can't get rid of!


Lare Kikkeli

Recommended Posts

Sooo when i start a program, almost any program (say spybot) i get this:

 

 

post-2327-1164138321_thumb.jpg

 

 

that kinda made me cautious so i decided to run both spybot and adaware.

so i start adaware and suddenly computer has some serious slowdown issues. i press ctrl+alt+delete and what do i see?

 

this:

post-2327-1164138673_thumb.jpg

 

 

so i do some reseach and for some reason this strange virus starts up a clone program which ends up draining my CPU speed and ram, unless i close it from windows task manager. adaware or spybot cant find any malware/adware, but my virus scan says i've got a trojan. ok, so i tell it to move it to the vault (whatever that means, it was the recommended option) and everything should be kosher.

 

but lo and behold, it still pulls all that same stuff! now i havent done a second virus scan yet in the hopes that i wouldnt have to (since it takes so long and i have to babysit it because i'm neurotic) and that some of you might know whats wrong with my dear old machine.

 

anyway i hope you can help me, i really should format my HD since its been like three years since i last did it, but i was hoping i could make some backups of my massive mp3 collection.

 

thanks in advance.

 

 

ps. this weird virus also sometimes hogs all my bandwidth and i need to restart.

Link to comment
Share on other sites

Have you tried doing a scan in Safe-Mode? As well, what about an online scanner like:

 

Trend Micro

Pandasoft

Symantec

 

There are several are other possibilities - but these should be of use. The reason they and a Safe-mode scan may be of more use is if the malware/trojan is in residence, it cannot be removed easily. When you do a Safe-mode scan, make sure you disable System Restore - I suspect this may also be apart of the problem. Whatever you have is hiding out :?

The universe is change;
your life is what our thoughts make it
- Marcus Aurelius (161)

:dragon:

Link to comment
Share on other sites

I say back up whatever you can and do a full format ASAP.

 

Then, when all is done, scan your backup with a fresh system/antivirus and hope you don't lose anything.

 

Or, you could do a print out of your massive collection and acquire it some other cheaper way after the format.

 

As gamers I believe we should do a full system format every 3 to 6 months because of all the pathces, mods, wallpapers, etc that end up on our machines. That's what I do and I rarely have any problems with viruses.

 

By the way, a full format also resets any registration that you might have with a legal copy of, say, Norton so your 2005 copy will still be valid by the end of the decade, providing Symantec still supports it.

 

Anyway, that's what I'd do if I was in your shoes.

Link to comment
Share on other sites

Full format seems a little drastic to me, but you do need to identify the virus, and you can't really do without a virus scanner.

 

The web based ones are a fast way to solving the problem, but get a free/trial scanner as well.

 

Some people chose to do a full reinstall and format every few months as a kind of software spring cleaning, it does help, but it seems like a lot of work to me considering things like service packs and programs you use a lot.

Edited by Gorgon

Na na  na na  na na  ...

greg358 from Darksouls 3 PVP is a CHEATER.

That is all.

 

Link to comment
Share on other sites

Don't panic and don't reformat. :)

 

As Fio advised, do a scan in Safe Mode, and delete any copies of malware found. Furthermore, use Process Explorer to find out more information about running processes (it even has a handy "Google" option for process names). For example google on "dllhost32" reveals that it is an unwanted process and gives clues for its functionality (some search results tell me that "[this malware] is started automatically from a Run, RunOnce, RunServices, or RunServicesOnce entry in the registry"). Use Autoruns to weed out any autorun keys, including loading drivers.

This statement is false.

Link to comment
Share on other sites

There's also a 30 day free trial version of Kaspersky Antivirus to download if you really want a thorough check of your system. It's horribly slow and virtually rapes your system, but it usually finds everything malware related. Worth a shot.

Swedes, go to: Spel2, for the latest game reviews in swedish!

Link to comment
Share on other sites

I use NOD32! But I did buy it online.

 

It's very cheap and they have a Swedish webpage!

 

http://www.nod32.se/t_resource_10.php

 

Also, it's won a fair deal of tests, uses very little resources and is lightning fast. It doesn't strike me as being as safe as Kaspersky though.

Swedes, go to: Spel2, for the latest game reviews in swedish!

Link to comment
Share on other sites

If you have the virus identified use symantec's virus library, there you will likely find that it needs several steps to be successfully removed, safe mode, reg editing, etc.

 

Many anti virus programs only give you one go and do not suppply these in depth removal instructions, but even without owning a symantec program you can write down the steps needed to manually remove the virus.

 

Go to viruses in the drop down menu and paste the virus name (the name needs to be an exact match.)

 

 

http://www.symantec.com/enterprise/securit...rer/threats.jsp

Edited by Gorgon

Na na  na na  na na  ...

greg358 from Darksouls 3 PVP is a CHEATER.

That is all.

 

Link to comment
Share on other sites

well, i ran my virus scan again (i'm using avast anti virus because i'm too cheap to buy norton etc ) and again, it recognised that i have a trojan. this time i deleted it, but after the scan and a reboot i still get the same messages. looks like its format time for me ;)

Sneaky trojans add autostart instructions in your Registry, so after your AV programme deletes the one in memory, upon rebooting it is loaded again (from somewhere not cleaned).

 

Run the AV again, in Safe Mode, after removing it the first time. (If you have a persistent offender.) The big names usually know how to deal with such a technique. :)

OBSCVRVM PER OBSCVRIVS ET IGNOTVM PER IGNOTIVS

ingsoc.gif

OPVS ARTIFICEM PROBAT

Link to comment
Share on other sites

  • 1 year later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...