|
Post by KevFalcön07 on Dec 15, 2011 3:41:32 GMT -5
What's the best course of action to remove the malware in the title? Anyone's computer ever been infected with this one? I already had malwarebytes installed, but ever since this stupid thing got on my computer, it won't even let me open it or my other antivirus! Can't be gone for a couple of hours without someone messing your computer up...
Thanks in advance.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Dec 15, 2011 3:43:17 GMT -5
MalwareBytes Anti-Malware.
Worked for me every time.
|
|
|
Post by KevFalcön07 on Dec 15, 2011 3:47:31 GMT -5
Like I said...I already have that program. Ever since this malware affected my computer, it won't even let me open up MalwareBytes, or Microsoft Security Essentials.
|
|
|
Post by KevFalcön07 on Dec 15, 2011 3:51:36 GMT -5
Tried re-installing MalwareBytes as well. No use in that, either. Still won't open.
|
|
|
Post by Jedi-El of Tomorrow on Dec 15, 2011 3:52:50 GMT -5
Have you tried System Restore?
|
|
|
Post by KevFalcön07 on Dec 15, 2011 4:09:46 GMT -5
Have you tried System Restore? I'm honestly not very computer savvy, but I think I know what you're talking about, just have never done it before. I'm told you can do a system restore to put your computer in the same condition it was in, say...a week ago? Am I on the right page?
|
|
|
Post by El Cokehead del Knife Fight on Dec 15, 2011 4:12:23 GMT -5
Can it run in safe mode?
|
|
|
Post by KevFalcön07 on Dec 15, 2011 4:16:30 GMT -5
As embarrassing as it is for me to admit, I'm not even sure what safe mode is =/ I know, it's a pain dealing with people like me. Like I said...anything but computer wise =( Sorry.
|
|
Welfare Willis
Crow T. Robot
Pornomancer 555-BONE FDIC Bonsured
Game Center CX Kacho on!
Posts: 44,259
|
Post by Welfare Willis on Dec 15, 2011 6:27:32 GMT -5
Yes, my brothers get malware all the time (stupid facebook). Here's what you do. Look for a program can rkill. Here's a link from cnet: download.cnet.com/RKill/3000-8022_4-75221743.htmlThis is what it does: After that boot your computer into safe mode. Once loaded, use rkill. It will break the malware processes allowing you to use malware bytes. Then use malware bytes to scan for the malware and get rid of it. Then reboot. You shouldn't have any problems after that. If it's still occuring make sure your malware bytes is up to date. Good luck!
|
|
|
Post by Brandon Walsh is Insane. on Dec 15, 2011 6:39:38 GMT -5
You need to run malware bytes while in safe mode.
Restart your computer, and press F8 while the boot up screen comes up.
It should take you to a screen that asks you which mode to boot up in... check Safe Mode.
It'll load with SAFE MODE at the top of the screen in white... now run malware bytes, and let it do it's thing. The malware process won't be running, so you'll be fine.
Don't do system restore with a virus, a lot of time they infect the restore point, so it'll show up after you restore.
Good luck.
|
|
|
Post by KevFalcön07 on Dec 15, 2011 14:05:18 GMT -5
Thanks a lot, everyone.
|
|
Burst
El Dandy
*inarticulate squawking*
Posts: 8,599
|
Post by Burst on Dec 15, 2011 14:22:25 GMT -5
There's also a program, I want to say from the same people that made rKill, that undoes the registry changes that XP Antivirus 2012 does.
Believe me, I know, I've somehow got it twice this week, yesterday and last Sunday. It's been going around like crazy lately.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Dec 15, 2011 15:47:47 GMT -5
There's also a program, I want to say from the same people that made rKill, that undoes the registry changes that XP Antivirus 2012 does. Believe me, I know, I've somehow got it twice this week, yesterday and last Sunday. It's been going around like crazy lately. just like the herp
|
|
|
Post by KevFalcön07 on Dec 15, 2011 16:08:23 GMT -5
Ok, so...I've been running MalwareBytes on safe mode, as suggested...while it did find and remove three malware files...XP Antispyware 2012 is still present on my computer. Here's another thing...
It would only let me run or open MalwareBytes on the administrator's account. Not on my personal account, which was the one that was logged on when infected.
|
|
|
Post by Threadkiller [Classic] on Dec 15, 2011 18:17:36 GMT -5
It's alarming how often I get this virus. It somehow keeps finding its way around the million spyware/malware programs I have.
Here are three different things I tried that worked three different times, with the first two never working again after that (so if these work, take advantage of the opportunity and shore up your virus defenses):
1) Winsock reset: Run command prompt (cmd), type in "netsh winsock reset" (without the quotes), and reboot. 2) Change your date and time settings: I find that if you move the date exactly one week forward on your system, and then reboot, the virus disappears. Then you can just set the date back how it was. Worked for me exactly one time. 3) Reboot in safe mode (with networking). Once you're on your desktop, right-click your antivirus client and choose "run as administrator." This tends to bypass the lock the virus has on your antivirus software. Run a full scan. In fact, run every antivirus program you've got, since some programs tend to catch elements of the virus that others may miss. My hardcore quartet, all of which are free to download: Spybot Search & Destroy, Malware Bytes, Windows Security Essentials, and SuperAnti-Spyware (Free Edition).
Once these programs run and detect all the threats, have the threats quarantined and/or removed, reboot, and you should be good to go. It sometimes comes back, so make sure your virus definitions on the software are always up to date, and that you have regular scans scheduled with the programs.
|
|
|
Post by DSR on Dec 20, 2011 5:06:54 GMT -5
Okay, my computer just got hit by this (or something similar). When I reboot my computer, I can't get my mouse or keyboard to do anything, so I can't even click on Malwarebytes or anything.
So, uh, just how screwed am I?
|
|
|
Post by bitteroldman on Dec 20, 2011 5:34:09 GMT -5
Ok, so...I've been running MalwareBytes on safe mode, as suggested...while it did find and remove three malware files...XP Antispyware 2012 is still present on my computer. Here's another thing... It would only let me run or open MalwareBytes on the administrator's account. Not on my personal account, which was the one that was logged on when infected. This is useful information. If the malware is active only when you log in as a particular user then the command or commands to launch it are found somewhere in the registry key hkey_current_user as opposed to hkey_local_machine (which woulld laucnh the malware anytime the pc is booted). As mentioned in an earlier post power on the pc, hit F8 and when prompted select "Safe Mode With Networking". This should allow you to connect to the Internet but not allow the malware to launch.Login with the user that has the spyware associated with it (not as admin). Open a browser and go to housecall.trendmicro.com/Trend Microsystems has a free online virus scan, and its a very good product. Download the 32 bit version of the program (I'm assuming your pc has a 32 bit processor, most do) and run it. It may take a while for the software to complete its scan so you may want to kick this off at bedtime or shortly before you leave for work. Also before you start the scan, click settings and make sure you select "Full Scan"; the default is "Quick Scan" and this might miss something.
|
|