PDA

View Full Version : Trojans etc



Cicero
21-04-2011, 06:24 PM
A slight problem on my PC,

I have 2 hard drives, each with a OS, the one with win 7 has a blue screen with a app that is called MS removal,it runs and tells me it has found 32 problems and if I purhase the system, all will be well.
This has happened b4 ,I closed down and restarted from dual boot,opened in Vista, went to computer and asked MSE to run a scan of the win 7 H/D,that did the job.

Done this again but when I went to win 7 on a new reboot, the virus is still there(blue screen and all)

What next I wonder?

Speedy Gonzales
21-04-2011, 06:32 PM
Follow this (http://www.bleepingcomputer.com/virus-removal/remove-ms-removal-tool)

LynX
21-04-2011, 06:40 PM
Have you tried booting Win7 in Safe Mode, and do a full scan with MalwareBytes? It worked for me on AntiVira AV.

Get it Here: http://www.malwarebytes.org/

This site has instructions, too:
http://www.bleepingcomputer.com/virus-removal/remove-ms-removal-tool

dugimodo
21-04-2011, 11:51 PM
As you have another working OS I would personally scan from that as you have done myself.

Antimalwarebytes and spybot would be a good start, this is a nasty bugger to remove though. Speedies link definately is worth trying also , it's just easier to scan from another OS I think.

Cicero
22-04-2011, 01:06 AM
Thank you all lads.

The trojan or whatever stopped me from running any counter anti virus unit I had available, but for some reason I was able to open I/E, so I downloaded Speedies solution and problem was solved!

Cicero
22-04-2011, 09:09 AM
One has to appreciate the help given by Site guard, but now it wants to take over with free offers and pop ups.

Cicero
29-04-2011, 12:19 PM
Follow this (http://www.bleepingcomputer.com/virus-removal/remove-ms-removal-tool)

What would you call this?

Speedy Gonzales
29-04-2011, 12:30 PM
A link?

Cicero
29-04-2011, 12:45 PM
A link?

To?

Snorkbox
29-04-2011, 12:50 PM
To?

A removal tool.

Speedy Gonzales
29-04-2011, 12:52 PM
Like it says it tells you how to remove ms removal tool

Cicero
29-04-2011, 12:58 PM
A removal tool.

Which you say you didn't advise?

lol yer right. I 've never used stopzilla myself. So, why would I tell anyone else to get / use it The removal tool is StopZilla.

Speedy Gonzales
29-04-2011, 01:01 PM
You're seeing things. There's nothing on that site about Stopzilla. You've got Stopzilla on the brain

Cicero
29-04-2011, 01:11 PM
You're seeing things. There's nothing on that site about Stopzilla. You've got Stopzilla on the brain

So what is this.........?

http://goo.gl/gocif

That is what I get when I open your link?

Speedy Gonzales
29-04-2011, 01:12 PM
Something on your system not mine or the link

bevy121
29-04-2011, 01:12 PM
maybe he's getting redirected there unknowingly

host file perhaps?

bevy121
29-04-2011, 01:21 PM
Cicero... paste the actual url you end up at when clicking your link (goo.gl/gocif)

I end up at Bleeping computers... do you end up somewhere different than this?

http:// dubdubdub bleepingcomputer.com/virus-removal/remove-ms-removal-tool

"Remove MS Removal Tool " on top of the page

1101
29-04-2011, 02:02 PM
Sounds like your still infected ??

Some of these new fake AV's etc this week are doing alot more damage than previous versions. Last few Ive seen have been pretty bad. Basicly trashing the system.
Setting ALL files to read-only/hidden is a nasty trait of one of them. I think it also changed permissions on some files.
Just running the usual scans can leave you with a still infected or trashed system .

Make sure all AV scans you run are set to scan all files, not a quick scan
also run TDSSkiller (important), download from Kaspersky
and RESET/default IE (from ctl panel)
look for bogus proxy's in the internet connection, ctl panel,internet,connections, LAN
run HijackThis
also try SpywareDoctor (download from major geeks). Uninstall this after use.