Possible Virus...PLease Help!!!!! - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 04-29-2004, 10:47 PM   #1 (permalink)
Banned
 
Join Date: Jul 2003
Posts: 878
Default Possible Virus...PLease Help!!!!!

A few weeks ago, I was surfing the web and a clicked on a site which caused my PC to act really funny. It opened up a bunch of web pages which wouldn't stop until I alt,cntl,deleted them to force them to shut. I noticed my desktop had new Icons on it that I didn't place there. I accidently clicked on one which was a batch job whiched messed up my PC. I couldn't open applications, ones I had open wouldn't close, I couldn't even clcik on start, shutdown. I had to restore my hard drive from scratch.

The question I have for you know is those very same icons are back after doing a simple search on red cars. What the heck should I do.


The 5 icons on my desk top are one with an "o" under it, another icon with an "o" nder it that is a batch job, another with 0021- bdl94126, another called SILENT, and the last one is CS4P08.

PLEASE HELP ME!!!!!!!!!
__________________

24giovanni is offline  
Old 04-29-2004, 11:20 PM   #2 (permalink)
Ultra Techie
 
Join Date: Apr 2004
Posts: 617
Default

Download AdAware 6 181 from here: http://www.lavasoftusa.com/
Before you scan with AdAware, check for updates of the reference file by using the "webupdate".
Then ........

Make sure the following settings are made and on -------"ON=GREEN"
From main window :Click "Start" then " Activate in-depth scan"

Then......

Click "Use custom scanning options>Customize" and have these options on: "Scan within archives" ,"Scan active processes","Scan registry", "Deep scan registry" ,"Scan my IE Favorites for banned URL" and "Scan my host-files"

Then.........

Go to settings(the gear on top of AdAware)>Tweak>Scanning engine and tick "Unload recognized processes during scanning" and "Let windows remove files in use at next reboot"

Then...... click "proceed" to save your settings.

Now to scan it´s just to click the "Scan" button.

When scan is finished mark everything for removal and get rid of it.(Right-click the window and choose"select all" from the drop down menu)


Then
Download Spybot - Search & Destroy from http://security.kolla.de

After installing, first press Online, and search for, put a check mark at, and install all updates.
Next, close all Internet Explorer and OE windows, hit 'Check for Problems', and have SpyBot remove all it finds that is marked in RED


Please do this. Click here: http://www.sherrylynn.us/HijackThis.exe to download Hijack This. Save it to it’s own folder (not temporary files or the desktop).
Close all open windows and open HIJACK THIS. Click “Scan”. When the scan is finished (it only takes a second), the scan button will change to “Save Log”. Click on “Save Log” and save it to NotePad. Copy the entire log and paste it here.

DO NOT FIX ANYTHING YET, most items that appear in the log are harmless or even needed. Wait for someone to analyze the scan and advise.
__________________

__________________
AdAware | Spybot S&D 1.4 | spyware guard & spyware blaster |

How did I get infected in the first place By Tony Klein

If you use IE I suggest using thes two programs IE Hosts & IE-SPYAD


Lobos is offline  
Old 04-30-2004, 12:53 AM   #3 (permalink)
Newb Techie
 
Join Date: Apr 2004
Posts: 6
Default

Yeah 24giovanni,
Those free porn sites are a real b1tch. It's amazing what
outsourcing of jobs does to the virus world. This is a memory
resident virus http://vx.netlux.org/lib/static/vdat/tumisc51.htm

The best thing to do when surfing the hacker/porn sites is
to harden the computer against such exploits.

Set up an account just for surfing the shady sites.
Turn off all the services like Remote Registry Service,
and configure the policies on the machine to deny access
to the registry and the system and system32 folders,
this may take some work to configure correctly ie without
receiving errors when accessing programs in this folder.
Of course turn of the Messenger Service for that user.
Make sure that you keep the security updates from Microsoft
current and the antivirus and spyware definitions updated.
Also make sure you disable the Runas service and have a strong
password for the admin account.


You can scan the PC with TrendMicro's free online antivirus
since it seems to pick up the oddball ones the top named
Antivirus programs miss. http://housecall.trendmicro.com/
hitanykey is offline  
Old 04-30-2004, 11:56 AM   #4 (permalink)
Banned
 
Join Date: Jul 2003
Posts: 878
Default

Hitanykey,

What can I do to remove the unknown desktop shortcut placed on my pc from the problem?
24giovanni is offline  
Old 04-30-2004, 12:10 PM   #5 (permalink)
ADZ
Master Techie
 
Join Date: May 2003
Posts: 2,231
Send a message via Yahoo to ADZ
Default

Spybot along with your virus scanner should pick up what is causing the icons to be there. And then remove them!

One other thing to add, when in Spybot S&D, make sure you check for any new updates before you scan, that way you have the latest spyware definitions.
ADZ is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 10:51 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.