Reply With Quote
Stinger v10.1.0.843
great for removing fake anti-viruses
Well today I got some message that my PC may be infected and is being attacked and do I want to run AntiSpyWare and stop it and I have to purchase it in order to stop the virus. I can't open any other programs at all and I was able to do a restore and it worked but then today it started again. I booted up in safe mode and have been burning my files that I want to save. Afterwards should I just re-install windows? What type of free spyware or anti-virus links are you all familiar with.
I know I don't normally post in here but thought I'd ask those whom I think would more likely know.
Thanks.
Stinger v10.1.0.843
great for removing fake anti-viruses
thanks for the link!
SuperAntiSpyware - http://www.superantispyware.com/?tag...PERANTISPYWARE
Malwarebytes - http://malwarebytes.org/
Avast! Anti-Virus - http://www.avast.com/free-antivirus-download
It sounds like you got Fake Alert, also known as "Anti Virus 2010"
Does the alert look something like this?
If so, SuperAntiSpyware will probably do the trick. If your savvy enough with a computer, you might also want to check msconfig in the "startup" tab for something funky. It might be trying to launch an executable either called av.exe or ave.exe.
The reason it came back, and Im willing to put money on this, is because there is a prefetch file in your computer. Do a file search, make sure to search even for hidden system files, and search for ave.exe. It will probably come up with a prefetch file as the only listing. Delete it.
Next, if your comfortable with it, go into your registry and do a "Find" for ave.exe and delete every one that it finds (hit F3 to search for the next one). Just make sure to delete the ones that are ONLY ave.exe, the search will come up with other finds, for example screensave.exe and you dont want to dele those. In fact, make a backup of your registry before you do anything.
By any chance, have you visited mysa.com recently? We have had to block our users from accessing their webpage because they are infected.
dude...
combofix/sdfix
a-squared
Thanks everyone. I burned all the files I wanted and yes, that Anvti-viris thing is popping every few minutes and it won't allow me to open up any other programs.
I will try the above fixes.
well i downloaded the superantispyware but it won run because I keep getting message that it is infected and won't launch. I such an idiot.
Maybe try safe mode.
I'm going to try that and see if I can run it from there. Thanks!
Hey Joe right click the program don't double click it.. when you do you will see "run as" then you get a window like this.
pick a user then open the program.
I had a notebook with that annoying windows security alert crap and I couldn't get spywear terminator to open unless I did it with run as but it worked for me.
Last edited by mouse; 04-25-2010 at 10:38 AM.
thanks for the 2 programs. no wonder why i couldnt dl at full speeds cause i had fkn bs on my comp
hey mouse know any programs i can use to throttle speeds on other wireless comps in the house???
I have been using this.
http://www.uniblue.com/software/speedupmypc/
You can get it free here.
http://btjunkie.org/search?q=speed+up+my+pc
FYI, you'll save yourself a lotta headaches by reinstalling Windows
NAW JUST USE System Restore THIS HAPPENED TO ME THE OTHER DAY ITS ONLY A VIRUS IF U CLICK YES, NO VRUS REMOVAL WILL REMOVE IT YOU HAVE TO DO THIS
1- click start at bottom of screen
2 - then click all programs
3 - then click pc help tools or could be in accessory's
4 - then click on system restore
5 - then click on restore to an earlier date
6 - choose a date when it was working
7 - let it run it may take a while - follow directions - if any
8 - restart
some virii out there attach themselves to restoration points/recovery par ions.
yes, dont do a restore.... almost always a waste of time with this malware.
You need to find the process or application associated with the malware and kill it.
SuperAntiSpyware wont install under safemode BTW. I've ran into the same situation before at work, trying to remember how to get around it....
If I remember right, you need to kill the process or application associated with the malware... Like I said in my previous post its probably going to be called av.exe or ave.exe. Just look for it in the task manager.
If its not there than its definately running off of a prefetch file and you need to do a search for it, including hidden system files, and delete it (do a file search for all file types, there should be an option to include system files as well, search for ave.exe). After that you should be able to install superantispyware.
Or.... if you want to go an easier route (which may not get rid of the problem completely but may get you a step in the right direction).... MalwareBytes, if I remember right, WILL install under safe mode. Just make sure to do safemode with networking so you can get the latest DAT file.
I can tell you this, its not going to be as easy as running a program to fully get rid of it. You will still have to do some registry cleaning and IF there is a prefetch file, it will keep coming back until you get rid of that.
download this tool ---> http://www.technibble.com/rkill-repa...l-of-the-week/ run it, then run malwarebytes after updating its definitions.
This is how I fixed a friends computer with the same problem
step by step guide can be found at http://www.bleepingcomputer.com/
Thanks for the detailed response. Because I had read this I knew what a friend was talking about when she was screaming that her computer went nuts.
She wasn't too smart, not only did she click it but she paid them.
Anyway, thanks to this thread I was able to help. Appreciate everyone's knowledge.
Thanks for the detailed response. Because I had read this I knew what a friend was talking about when she was screaming that her computer went nuts.
She wasn't too smart, not only did she click it but she paid them.
Do a system restore. Use MSE.
Just google search it.
It gets better. It told her the payment didn't go through and she entered her credit card info a second time.
Thanks! Looks like it is working fine now.
This thread needs to be pinned and enshrined in gold.
I ing hate this , as my wife clicked on one of these things once. GRRRRR.
If I ever find the jackasses who wrote these viruses, I would set aside my normal ethical stances against beating another human being to a bloody pulp.
Ouch
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
