Infected plz help

[sarah.jennifer]

I was infected with either a virus or spyware earlier today. I was able to use system restore to get to where I am functioning again but I do not believe all is well. I ran adaware, Norton and spybot. Spybot had some artifacts that it could not remove. Norton found two entries. I have yet to reboot for fear that the malware will reappear. I need desperate help. Thanks in advance for any help.

[DMB2000uk]

Run HiJack This and post your log.

Dan

[KnightRid]

Ok my message disappeared

try #2

if spybot said it had to restart to finsh removing things, let it restart. It will run again before windows fully loads and find anything taht got re-activated also.

Check add/remove programs for rogue programs you did not install. If you dont know what they are, post here and someone will be able to tell you if it is safe to delete or not.

Mike

I never liked hijack this because it just isnt newbie friendly or even normal users friendly.

[Zelig]

Try Kaspersky and superantispyware if you're having trouble removing stuff, they're the most effective programs I've found to actually remove viruses and malware, respectively.

[Solinari]

I have heard good things about NOD32 and i have Kaspersky myself, sometimes you can locate and manually delete the files using your Anti Virus. I remember having to do that myself with Norton, which is now not only bloat ware, but a pure resource hog.

[DMB2000uk]

If you know what you are looking for, hijack this is very useful. Though if you've no idea what to look for you do need someone else to help, hence the asking for it to be posted ^_^

Dan

[dicecca112]

make sure you run in safe mode when you remove the infection/

[Darkstar]

And you will have to clear the system restore point or risk getting reinfected.

[dicecca112]

And you will have to clear the system restore point or risk getting reinfected.

Very very good point. Its an inherent problem with Windows, virus and Spyware latch on to files in the restore folders. So if your in normal mode, then windows doesn't allow you to move or delete the infected files, but in safe mode you can. oftentimes people are like WTF, I keep getting reinfected, and its usually do to enough of the infection being left there so that it can reinfect you.

[Tech_Greek]

1) Download Spybot S&D and update it, copy the program files to a burnable CD.
2) Find copy of ERD Commander and burn it and boot from it.
3) Run SS&D and remove anything it finds.
4) Boot the computer into Safe Mode, run it again and remove anything.
5) Run HiJackthis off of trendmicro.com (bottom of page)
6) Remove things using hijackthis.de as a log analyzer
7) Restart and post hijackthis log afterwards and results.

[cayden]

Download any free anti-spyware program that can help you to remove the infection.
I recommend you to download the program called Spyware sweeper from http://www.spyware-sweeper.com This will manually remove the spyware, which is hijacking your browser. You would find detailed instructions at the site.

[stev]

I would use caution since that last poster has only posted 1 time ever in these forums. The last thing you need is another worm or hack virus doing malware to your machine recommened by a user who only posted once ever. There isn't any credibility behind the information unless a really good and known poster here can back it up.

My son is dealing with the AIM b.exe virus right now. It's a little nasty varmit, but it's been hard to get rid of. McAfee has a page dealing with it back in 2003, but since then, the links there are dead to navigate to the fix. Even the M$ page is a 404 (not found) page.

Hope that your infection on the machine gets cleared up soon. Keep us posted.

[dicecca112]

hey's fine I checked the link right now in VMware.