My First Virus (Sort of)

Weiser_Cain

So I got my first virus in over ten years...I'm typing this with a PS3 controller.
I'm not handling it well and wanted to know if a reinstall where I reformatted my drives (internal and external) would wipe out the bugs?
The bug was some fake security screen.
 
Boot into Safe Mode with Networking.
Install Malwarebytes.
Scan, Clean. Done.
Reboot. Install Microsoft Security Essentials. Scan
All clean :D
 
It should unless it was one that messes with your BIOS....or even the firmware on your drives, and other peripherals.
 
So I got my first virus in over ten years...I'm typing this with a PS3 controller.
I'm not handling it well and wanted to know if a reinstall where I reformatted my drives (internal and external) would wipe out the bugs?
The bug was some fake security screen.

yes.
although you should only need to wipe your OS partition/drive.
wiping any data drives would not be necessary if they didn't get infected.
 
Wiping and reinstall will fix it...if you want to go through all that trouble.

The malware removal tools available these days make it wonderfully easy to clean most of the fake rogues out there, see stickied thread top of this forum.
 
The sticky in this forum helped me out a few times for some nasty infections. Give it a shot; you can always fall back to wipe/reinstall if necessary.
 
Spybot + Avira + Hijackthis! Be careful with Hijackthis! if ya don't know what you're doing. Oh and from a professional, assume any drive you plug into said computer and any other computers that have had data copied from the infected machine are infected as well.
 
It should unless it was one that messes with your BIOS....or even the firmware on your drives, and other peripherals.

Viruses suck bad enough without this kind of misinformation... which is a kind way of saying take bullshit answers elsewhere.

OP: I'll agree with PTNL and YeOlde's suggestion. Visit the sticky, use the tools. You'll be up and running in no time.
 
Ok, ran Malwarebytes, Avira, and Spybot and that seemed to get it all, though the first start up after running in safe mode had Avira scan at startup and when it was done I couldn't open task manager and the start menu was empty so I don't think I truly trust this comp... speak of the devil I just got a redirect.
Well at least I can make a more recent backup. Nothing can hide in game saves and photoshop files right?
 
Doesn't sound like you got it all yet, I'd add MSE to the list, running combofix won't hurt, and that Symantec unhookexec.inf
 
Did it look similar to this?

xp-anti-virus-protection.gif


I can't find the exact picture of it, but it's the most common add-on/virus that I get called to fix.

If it is, it's pretty easy to remove. Go to Task manager, find the securitycenter.exe, end it. Go to the Programs Folder and delete the security center folder. Delete all your cookies, temp files from the internet browser. On occasion I would have to un/reinstall Internet Explorer or Firefox. Then restart and you should be good. Note: Make sure you are the only account logged in.

Not exactly sure if this is what you got, but good luck! :D
 
Close, it was actually named 57396636.exe and was in a folder of the same name in program data. The first thing I ran got that, though I know there was at least one other thing running that I neglected to manually check.
I think Firefox may be hosed, it'll be a shame to lose my bookmarks but it's not worth the risk.
Question: Would these bugs interfere with anti-virus software installed after the fact?
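
Added example, not part of any post in this thread: a triage check for the layout described above, an executable sitting in a folder of the same all-digit name under program data. The digits-only pattern and the default root (the `ProgramData` environment variable) are assumptions; the SHA-256 is printed so each hit can be looked up before anything is deleted.

```python
import hashlib
import os
import re

NUMERIC = re.compile(r"^\d{4,}$")  # assumption: folder names made only of digits

def sha256_of(path):
    """Hash a file in chunks so large binaries do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def find_numeric_droppers(root):
    """List executables shaped like <digits>/<digits>.exe directly under root."""
    hits = []
    for entry in os.scandir(root):
        if not (entry.is_dir(follow_symlinks=False) and NUMERIC.match(entry.name)):
            continue
        try:
            children = list(os.scandir(entry.path))
        except OSError:  # unreadable folder: report it instead of skipping silently
            hits.append({"path": entry.path, "sha256": None})
            continue
        for child in children:
            stem, ext = os.path.splitext(child.name)
            if child.is_file() and ext.lower() == ".exe" and stem == entry.name:
                hits.append({"path": child.path, "sha256": sha256_of(child.path)})
    return sorted(hits, key=lambda h: h["path"])

if __name__ == "__main__":
    root = os.environ.get("ProgramData", r"C:\ProgramData")
    if os.path.isdir(root):
        for hit in find_numeric_droppers(root):
            print(hit["sha256"], hit["path"])
```

A hit is only a candidate for review; legitimate software occasionally uses numeric folder names too.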
 
Question: Would these bugs interfere with anti-virus software installed after the fact?
That's a subjective answer -- we do not have the full list of all threats from the infected machine, so a definitive yes/no is not possible. Personally, I would assume the worst about any existing antivirus installations. Uninstall the existing antivirus application, do the cleaning as described in that sticky, then do a fresh antivirus installation.

Your bookmarks can be exported to a file within Firefox, and that file can be opened with a clear text reader. A manual inspection of the bookmark URLs wouldn't hurt.
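
Added example, not part of the post above: a helper for the manual inspection it suggests, reading a Firefox HTML bookmark export, grouping the URLs by host, and flagging entries that are not plain http/https links or that point at a raw IP address. The sample export, its hosts and the two flagging rules are constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample in the Netscape bookmark format that Firefox exports.
SAMPLE_EXPORT = """<!DOCTYPE NETSCAPE-Bookmark-file-1>
<DL><p>
<DT><A HREF="https://forum.example/threads/1" ADD_DATE="1262304000">Forum thread</A>
<DT><A HREF="http://203.0.113.7/scan/index.php">Free PC scan</A>
<DT><A HREF="javascript:void(0)">Handy tool</A>
<DT><A HREF="https://forum.example/threads/2">Another thread</A>
</DL><p>
"""

class BookmarkParser(HTMLParser):
    """Collects the HREF of every <A> entry in the export."""
    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.urls.append(href)

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def review_bookmarks(html_text):
    """Return (URLs grouped by host, entries that deserve a closer look)."""
    parser = BookmarkParser()
    parser.feed(html_text)
    by_host, flagged = defaultdict(list), []
    for url in parser.urls:
        parts = urlsplit(url)
        host = parts.hostname or ""
        by_host[host].append(url)
        if parts.scheme not in ("http", "https"):
            flagged.append((url, "scheme is not http/https"))
        elif is_ip_literal(host):
            flagged.append((url, "raw IP address, no hostname"))
    return dict(by_host), flagged
```

Reading the grouped hosts top to bottom makes an unfamiliar domain stand out faster than scrolling the raw export.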
 
Weiser: This virus is pretty common these days. XP antivirus AKA personal antivirus can be a bit of a PITA to rip out if it gets the time to dig itself in. I have removed it from two different machines from two different clients in the past month. One has just gotten infected and did not have a chance to really spread. A delete of the executable and spybot removal of a couple registry entries was all it took.

The other required some boot time spybot scans, some manual registry key removal, and a bit of digging around to find other files it had put itself into. hijackthis and/or process explorer can help you with that. Also keep in mind that this virus will insert itself into system restore images and reinfect the machine from there. You can clean the restore files but unless you really love system restore just disable it and delete all your old images by reducing the available disk usage to 0%.
 