Trojan's = f%#ked, help?



Bomber
13-02-2010, 04:54 PM
Hello.

After some browsing a site by my connoisseur self I was haxored by 2 bastard trojans that turned the firewall off and security off and did its thing. Slipped straight past Avast, normally I get the siren warning me.......P.O.S. Got SuperAntiSpyware on the case straight away it found 2 trojans and deleted them. Asked if I wanted to complete the deletion by turning off PC so I did and rebooted it. Now nothing will work properly. I can't open any application as it says it's been renamed or removed (tried Malwarebytes, Avast, SAS and Spybot) but I also can't open up system restore or anything like that. I can still open files such as DL's shows etc so VLC still works. Anyone got any options for me other than formatting and starting all over again?

I have managed to do a scan with Avast by going through the open with menu and finding it saved on the C: drive but it found zilch......

Klutch
13-02-2010, 04:57 PM
System Restore?

mattmy99
13-02-2010, 05:04 PM
Hello.

After some browsing a site by my connoisseur self I was haxored by 2 bastard trojans that turned the firewall off and security off and did its thing. Slipped straight past Avast, normally I get the siren warning me.......P.O.S. Got SuperAntiSpyware on the case straight away it found 2 trojans and deleted them. Asked if I wanted to complete the deletion by turning off PC so I did and rebooted it. Now nothing will work properly. I can't open any application as it says it's been renamed or removed (tried Malwarebytes, Avast, SAS and Spybot) but I also can't open up system restore or anything like that. I can still open files such as DL's shows etc so VLC still works. Anyone got any options for me other than formatting and starting all over again?

I have managed to do a scan with Avast by going through the open with menu and finding it saved on the C: drive but it found zilch......


System Restore?

Apparently not.

Bomber
13-02-2010, 05:05 PM
Can't open it. When I click on it, it asks me what program I would like to open it with, same as all other applications. Can't find a back way in to open it either.... but then my computer skill is limited to browsing, e-mails and playing Freecell

Klutch
13-02-2010, 05:06 PM
Can't open it up in safemode either?

Niva
13-02-2010, 05:07 PM
spybot s&d inside safe mode

Phyber
13-02-2010, 05:11 PM
Everyone needs to grab a copy of combofix.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Grab it from there, also obviously shows how to use.

Basically run the exe, follow the prompts. Sometimes I find you have to rename it to jkdasfsdfajk.exe (or whatever) as the bugs kill the process named combofix to save themselves.

Use it in normal mode, or if that fails, safe mode. After that I love to hit a PC with MBAM as you already tried. (edit - I do this often as part of my job)

Those two get most killer bugs pretty nicely! It may redirect your web surfing, so get me or someone to email it to you in a ZIP or RAR or direct link it or something.

ossie_21
13-02-2010, 05:15 PM
stop looking at porn pingpingpingping

Lonewolf
13-02-2010, 05:21 PM
what exactly does it come up with when you try to open (and what exactly are you opening?)
I removed a trojan yesterday that stopped any .exe (program) from opening and I had to run a registry fix to restore it.

Run malwarebytes in safemode to ensure nasties are removed to start with though.

Phyber
13-02-2010, 05:28 PM
That reminds me we had the no EXE bug on a pc. rename combofix to a .com file!

Bomber
13-02-2010, 05:37 PM
Everyone needs to grab a copy of combofix.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Grab it from there, also obviously shows how to use.

Basically run the exe, follow the prompts. Sometimes I find you have to rename it to jkdasfsdfajk.exe (or whatever) as the bugs kill the process named combofix to save themselves.

Winner, thank you very much sir!! Took about 10 seconds to fix, cheers a lot!!

Will sweep all files again with everything I have. What's all this talk about safe mode, how does one get the PC into safe mode?


stop looking at porn pingpingpingping

Turns out I was watching your mum, pingpingpingping. Actually was watching a series of clips from Family Guy, saw a link on the side saying badchix.com and thought what the fuck? WTF indeed LOL


See you tomorrow by the way? Should be up there about 11am

Lonewolf
13-02-2010, 05:39 PM
Winner, thank you very much sir!! Took about 10 seconds to fix, cheers a lot!!

Will sweep all files again with everything I have. What's all this talk about safe mode, how does one get the PC into safe mode?


press f8 while the PC is booting up and you will get a menu of choices.
Very handy for getting rid of virus/malware that like to use system services etc to automatically start (and redirectors etc)

TJ
13-02-2010, 05:41 PM
Everyone needs to grab a copy of combofix.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Grab it from there, also obviously shows how to use.

Basically run the exe, follow the prompts. Sometimes I find you have to rename it to jkdasfsdfajk.exe (or whatever) as the bugs kill the process named combofix to save themselves.

Use it in normal mode, or if that fails, safe mode. After that I love to hit a PC with MBAM as you already tried. (edit - I do this often as part of my job)

Those two get most killer bugs pretty nicely! It may redirect your web surfing, so get me or someone to email it to you in a ZIP or RAR or direct link it or something.

So all you do is run combo fix?

I've done it, it's given me a log - but has it fixed stuff?

Bomber
13-02-2010, 05:41 PM
what exactly does it come up with when you try to open (and what exactly are you opening?)
I removed a trojan yesterday that stopped any .exe (program) from opening and I had to run a registry fix to restore it.

Run malwarebytes in safemode to ensure nasties are removed to start with though.

I tried to open system restore via start menu - all programs - accessories - system tools and it would pop up a box asking what program I want to use to open it with, same as any of the spyware stuff I have. It also made the mouse scroll speed using the mouse wheel really slow and muted the volume on everything. Couldn't access any program yet I could play a song or watch a video by clicking on a saved file and VLC would play it, yet because it was muted and I had no way of turning it up it was a bit pointless.

Anyhow seems to be at least halfway resolved, now to try safe mode.

Thanks all and remember kids, prOn is bad mmkay

Phyber
13-02-2010, 05:42 PM
You're welcome, fellow forumer!

Group hug!!!! Feel the love.



And the log it creates....I don't bother to read that. Instead, to see if it nuked anything, go to C:\qoobox. Should be a file called quarantinedfiles.txt or something similar in there, read that and it will list the things it deleted. You can also then browse subfolders of qoobox to see the files themselves, delete them once you are sure PC is working properly (I've never had to 'restore' a removed file though).

Bomber
13-02-2010, 05:42 PM
So all you do is run combo fix?

I've done it, it's given me a log - but has it fixed stuff?

Got me sorted :)

Bomber
13-02-2010, 05:43 PM
You're welcome, fellow forumer!

Group hug!!!! Feel the love.

:3some:

Lonewolf
13-02-2010, 05:45 PM
I tried to open system restore via start menu - all programs - accessories - system tools and it would pop up a box asking what program I want to use to open it with, same as any of the spyware stuff I have. It also made the mouse scroll speed using the mouse wheel really slow and muted the volume on everything. Couldn't access any program yet I could play a song or watch a video by clicking on a saved file and VLC would play it, yet because it was muted and I had no way of turning it up it was a bit pointless.

Anyhow seems to be at least halfway resolved, now to try safe mode.

Thanks all and remember kids, prOn is bad mmkay

yeah, a lot of them will fuck with file associations when removed, pain in the fucking ass.
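
Added example, not part of any post in the thread and not code from any tool mentioned here: a Python check for the broken file associations described above, run over the text of a `.reg` export of `HKEY_CLASSES_ROOT` (decoded to a string first). The stock values it compares against are the Windows defaults; the `secfile` handler name and the sample export are constructed for illustration.

```python
import re

# Stock defaults on Windows: extension -> ProgID, and the ProgID's open command.
EXPECTED_PROGID = {".exe": "exefile", ".com": "comfile"}
EXPECTED_COMMAND = '"%1" %*'

def parse_defaults(reg_text):
    """Map lower-cased key path -> default (@) string value of a .reg export."""
    defaults, key = {}, None
    for line in map(str.strip, reg_text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
        elif key and (m := re.fullmatch(r'@="(.*)"', line)):
            # .reg text escapes backslashes and double quotes with a backslash
            defaults[key] = re.sub(r"\\(.)", r"\1", m.group(1))
    return defaults

def check_associations(reg_text, root="HKEY_CLASSES_ROOT"):
    """Return findings for .exe/.com; an empty list means both launch normally."""
    d, findings = parse_defaults(reg_text), []
    for ext, stock in EXPECTED_PROGID.items():
        progid = d.get(f"{root}\\{ext}".lower())
        if progid is None:
            findings.append(f"{ext}: no ProgID set")
            continue
        if progid != stock:
            findings.append(f"{ext}: ProgID {progid!r}, expected {stock!r}")
        cmd = d.get(f"{root}\\{progid}\\shell\\open\\command".lower())
        if cmd is None:
            findings.append(f"{ext}: {progid} has no open command")
        elif cmd != EXPECTED_COMMAND:
            findings.append(f"{ext}: open command {cmd!r}")
    return findings

# Constructed sample: .exe left pointing at a handler the cleanup deleted.
SAMPLE = r'''
[HKEY_CLASSES_ROOT\.exe]
@="secfile"

[HKEY_CLASSES_ROOT\.com]
@="comfile"

[HKEY_CLASSES_ROOT\comfile\shell\open\command]
@="\"%1\" %*"
'''

if __name__ == "__main__":
    print("\n".join(check_associations(SAMPLE)) or "associations look stock")
```

In the sample, `.com` is untouched while `.exe` is not, which matches the symptom in the thread where every program prompts "Open with" but a copy renamed to `.com` still runs.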

Phyber
13-02-2010, 05:46 PM
Oh and www.youporn.com


maybe also www.fucktube.com. I've had to tell a bloke at work to go there hey, after he came back in for the third time loaded to the gills with spyware. Dropped the professional front for a moment and gave him the link to it...LOL. Fucker still didn't learn hey, but it's pay in my pocket so whatever!

Niva
14-02-2010, 04:02 PM
Everyone needs to grab a copy of combofix.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Grab it from there, also obviously shows how to use.

Basically run the exe, follow the prompts. Sometimes I find you have to rename it to jkdasfsdfajk.exe (or whatever) as the bugs kill the process named combofix to save themselves.

Use it in normal mode, or if that fails, safe mode. After that I love to hit a PC with MBAM as you already tried. (edit - I do this often as part of my job)

Those two get most killer bugs pretty nicely! It may redirect your web surfing, so get me or someone to email it to you in a ZIP or RAR or direct link it or something.



Dad's computer got raped by some virus, was about to format and thought I might as well try this... HOLY FUCK IT'S GOOD :eek:

SQUIDO
14-02-2010, 04:58 PM
I got a virus from a Facebook friend request.. opened it up and the computer spazzed out.. wouldn't let me open anything, said all programs and files were infected. $150 later got it cleaned off.. computer guy said that no matter what anti virus software you have, they manage to find some way to screw things up.. f$#kin nerds.

Lonewolf
14-02-2010, 05:05 PM
I got a virus from a Facebook friend request.. opened it up and the computer spazzed out.. wouldn't let me open anything, said all programs and files were infected. $150 later got it cleaned off.. computer guy said that no matter what anti virus software you have, they manage to find some way to screw things up.. f$#kin nerds.

likely a fake facebook request

Bomber
14-02-2010, 07:18 PM
likely a fake facebook request

Ask them to meet up for coffee or something then punch them in the face and walk away

SQUIDO
14-02-2010, 07:21 PM
That's exactly what the computer guy said, was a fake profile just to infect other computers.

Phyber
14-02-2010, 07:28 PM
I'll have to keep in mind that there's facebook virii about! I've always assumed it was safe but I guess the virus writers can use scripts on FB too :/

Shitty site design and shitty security on PCs from a fundamental level!

Sfidz
14-02-2010, 07:42 PM
Remove hard drive from the computer and then do a malwarebytes scan and avast or whatever other antivirus scan on the hdd. You will struggle to run antivirus software effectively within the operating system that the viruses are in as they tend to block the software or move around so that even though you may have removed them they have copied themselves to another folder etc...
Always doing a reinstall is the best option but if you're not keen on that then this is probably the best option.

hope this is some help

Jiblet
14-02-2010, 08:28 PM
combofix ftw... if it's up and running again.. was down for a while

DR1FT3N
14-02-2010, 08:51 PM
combofix ftw... if it's up and running again.. was down for a while

+1 I'm still running old IE and it kept shutting itself down every min or so, ran combofix and problem solved :)

Phyber
15-02-2010, 01:26 PM
Use firefox before it's too late!

vrocious
15-02-2010, 01:51 PM
Use firefox before it's too late!

+1

Bomber
15-02-2010, 07:01 PM
Use firefox before it's too late!

Any tips on getting Firefox to look more like IE? For me the resolution is nice and crisp with IE, but when using Firefox, it looks like I'm using an old 486 all over again. Very dull and even text on the screen looks like it was programmed by someone using a Commodore 64

Phyber
15-02-2010, 08:21 PM
I think that must be font smoothing (or cleartype)...IE does that from memory. I prefer my text properly crisp - no fuzzing of the edges.

I also prefer no spyware! hahaha...

You can probably get a skin or plugin for firefox to make it IE like but I'll let others point you towards those. I still run my XP in 98/win2k lookalike mode...no round edges or mouse shadows here.