Got a virus

Discussion in 'Operating Systems' started by cjs007, Jul 27, 2010.

  1. cjs007

    cjs007 Maha Guru

    I have this adware or virus that won't let me install Spybot Search and Destroy. It says *error sending address* the server name or address could not be named or resolved.

    It also keeps redirecting me to different web sites..

    I can't download superantispyware either...says it can't display the web page..


    HELP...:wanker:

    Also I ran AVG and it found a bunch of stuff, even a few trojans and a dropper..
     
  2. wiskerbizkit

    wiskerbizkit Master Guru

    safemode>combofix>malwarebytes then you should be able to do whatever to finish the job.
     
  3. cjs007

    cjs007 Maha Guru

    Go into safemode?

    Do I type in combofix?
     
  4. cjs007

    cjs007 Maha Guru


    I can't do an Adaware update...I get a connection error, check your settings.

    *FIXED*
     
    Last edited: Jul 27, 2010

  5. cjs007

    cjs007 Maha Guru

    I've done different scans in safemode and all clean....But I have something going on in my web browser.....when I go to a web address I keep getting redirected to a different web page...
     
  6. nvlddmkm

    nvlddmkm Banned

    Pull the drive and scan with a different machine using already recommended scans. Or "f-8" into safe mode and revert the drive to before it had the problems, then delete all restore points and save the current good one to go back to.
     
  7. Psychlone

    Psychlone Ancient Guru

    wisker... I do it the other way around with great success.

    Combofix is a great utility, and should ONLY be downloaded from BleepingComputer.
    Download that to your desktop, then go grab the newest MalwareBytes Antimalware direct from their site and install it (if the virus will let you)

    Then, reboot into Safe Mode by hitting F8 at startup - choose Safe Mode with Prompt if regular Safe Mode fails (once inside Safe Mode w/ Command Prompt, if that's what needed to be booted into, hit Ctrl-Alt-Del and then File, New Task, then type EXPLORER.EXE) This takes you into the regular Safe Mode and is kind of a back-door if regular Safe Mode fails to boot.

    Once inside Safe Mode, run Combofix first - BE PATIENT. It has to go through 50 stages before it's close to done. Let it do its thing and don't get impatient - rushing Combofix can and will bork your OS for good!!
    After Combofix is done, it will poop out a log that you should save to your desktop, followed by a required reboot.

    Reboot to Safe Mode again, but this time, choose Safe Mode with Networking, and run your newly installed MalwareBytes Antimalware, making sure to hit the UPDATE tab first, followed by the Perform Full Scan back at the first General tab.
    Again, you've got to let it do its thing - you can finish it early, but there's no way to know if it got everything.

    After that, you'll have some damage control - wiping out the viruses is always the easy part - fixing the damage they do is always time-intensive.
    Even if you had 2 identical computers that were infected with identical viruses, they would have different problems after the viruses were removed due to the way the computers are used and what the viruses happened to attach themselves to.

    Check your Combofix and MalwareBytes logs to determine what crapware was where, and from those logs, you should be able to discern what files, if any, the viruses were attached to. If/when you find files that were infected but then disinfected, you're going to probably have to reinstall them - but here's the tricky part...if you simply just go grab the exact same file, chances are that you're going to re-infect your system. Do your due diligence and make sure the program you're wanting to reinstall is a known-good program coming from a known-good source.

    Good luck!

    Psychlone
     
  8. Extraordinary

    Extraordinary Guest

    You have a proxy set by the virus - reset IE8 and remove any proxies from networking too
     
  9. Psychlone

    Psychlone Ancient Guru

    ^ Granted - which is one of the things that Combofix and Malwarebytes *should* fix (doesn't fix it all the time, but most of the time it's on the itinerary)

    Thing is, Adaware and Spybot S&D aren't going to get rid of anything malicious - I gave up on both those programs years ago when I finally figured out how to remove viruses effectively.


    If, after removing the viruses, you can't access the net, then changing the proxy settings back to Auto Detect or Don't Use Proxies (both in IE and Firefox or ??) will help you to get back online.

    Psychlone
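
Added example (not part of any post in this thread): a read-only PowerShell check for the proxy settings discussed in the two posts above, covering the Internet Options values in the registry and the WinHTTP proxy. It changes nothing; the `Review` and `Loopback` column names and the loopback pattern are choices made for this example.

```powershell
# Read-only audit of Windows proxy settings; run in the affected user's session.
$paths = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Internet Settings',
    'HKLM:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
)
$names = 'ProxyEnable', 'ProxyServer', 'ProxyOverride', 'AutoConfigURL'

$report = foreach ($path in $paths) {
    if (-not (Test-Path $path)) { continue }
    $key = Get-ItemProperty -Path $path
    foreach ($name in $names) {
        $value = $key.$name
        # Compare as a string so a ProxyEnable of 0 is still listed.
        if ($null -eq $value -or "$value" -eq '') { continue }
        # Flag anything that sends browser traffic through a proxy or a PAC script.
        $review = switch ($name) {
            'ProxyEnable'   { $value -ne 0 }
            'ProxyServer'   { $true }
            'AutoConfigURL' { $true }
            default         { $false }
        }
        [pscustomobject]@{
            Key      = $path
            Name     = $name
            Value    = $value
            Review   = $review
            # A proxy on 127.x or localhost means a local process is in the path.
            Loopback = "$value" -match '(^|=|//)(127\.|localhost)'
        }
    }
}

if ($report) {
    $report | Format-Table -AutoSize -Wrap
} else {
    'No proxy values found under Internet Settings.'
}

# System-wide WinHTTP proxy, which is separate from the per-user settings above.
netsh winhttp show proxy
```

A clean machine with no proxy in use normally shows `ProxyEnable` as 0 and "Direct access (no proxy server)" for WinHTTP. Firefox keeps its own proxy setting in its options dialog, so check it separately.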
     
  10. ST19AG_WGreymon

    ST19AG_WGreymon Guest

    I'd play it safe, back up my data and reformat. You never know what kind of virus you have and what it can do. It could just be mucking things up or collecting data.
     
