computer help: virus removal (Full Version)



YSG -> computer help: virus removal (12/11/2010 11:14:39 AM)

OK, somehow I picked up a virus called System Tool 2011. It pretends to be an antivirus software deal, but it doesn't let me open anything, it shut down my Yahoo, and from the research I've done, it's a scam. I can't open any real anti-virus stuff or spyware scanners. Does anyone have any idea what I can do to get this damn thing off my system?




LadyConstanze -> RE: computer help: virus removal (12/11/2010 11:26:18 AM)

Just googled for you:

http://www.im-infected.com/rogue/remove-system-tool.html

http://www.precisesecurity.com/rogue/system-tool-virus/





YSG -> RE: computer help: virus removal (12/11/2010 11:30:53 AM)

Yeah, already did Google. I can't get the spyware apps on my computer to open because of this thing. I'm running a scan in safe mode right now.




blackpearl81 -> RE: computer help: virus removal (12/11/2010 11:35:40 AM)

*FR*

The first thing I would do is run "MSCONFIG" (Start -> Run -> "msconfig" (no quotes) -> hit Enter).

If you're using Win Vista/7, just type in MSCONFIG into the search box, and it'll come up.

Once Msconfig is launched, click on the startup tab. From what I've seen online, ST 2011 runs a process called "oHaKo00902.exe" (however, this isn't set in stone - but the name of the file will be random numbers/letters)

If you see it in msconfig, uncheck it (similarly, you can do the same for other applications - Yahoo/MSN/AIM messenger, Adobe Reader/Updater, Microsoft Office). This will stop those apps from running when your PC starts up, but they'll still be installed (you'll probably notice faster boot times too).

Once that's done, click apply, then click ok. It'll ask you if you want to restart. I think the option is "Exit without restart"

From this point, you have to enable all files & folders view in Windows.

If it's WinXP, do the following:

Open up "My Computer"
Open up "Local Disk (c:)"

Up top, click Tools -> folder options -> view

Untick the following boxes/radio buttons:

"Show Hidden files & folders"

Click apply.
Click ok.

Once all that is done, navigate to the following folder:

Win XP
%systemdrive%\Documents and Settings\All Users\Application Data

Win Vista/7
%systemdrive%\Users\All Users\Application Data\

(%systemdrive% usually refers to c:)
Look for a folder with random numbers & letters, and delete it.

After that, navigate to the following folder:

Windows XP: C:\Documents and Settings\{USER}\Local Settings\Temp

Vista/7: C:\Users\{USER}\AppData\Local\Temp

(Note: {USER} refers to your user name: If your user name for the computer is "Joe" then it'll be C:\Documents and Settings\Joe\Local Settings\Temp)

Delete everything in the temp folder.

Restart your machine, and you should be ok.
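An added example, not part of the thread or any poster's code: the manual check described in the post above (a startup entry with a random letters-and-digits name, running from the All Users Application Data or Temp folders) written as a read-only triage over a list of startup entries. The sample entries, the folder name around `oHaKo00902.exe`, and the "random-looking" thresholds are constructed assumptions; it only reports candidates for a manual look and deletes nothing.

```python
import ntpath
import re

# Folder fragments named in the post above (lower-cased for matching).
SUSPECT_DIRS = (
    r"\all users\application data",
    r"\programdata",  # assumption: where "All Users" data lives on Vista/7
    r"\local settings\temp",
    r"\appdata\local\temp",
)
EXE_RE = re.compile(r'^\s*(?:"([^"]+)"|(.+?\.(?:exe|scr|com|bat))(?=\s|$))', re.I)

def exe_path(command):
    """Pull the executable path out of a startup command line."""
    m = EXE_RE.match(command)
    return (m.group(1) or m.group(2)) if m else command.strip()

def looks_random(stem):
    """Letters and digits mixed, like the 'oHaKo00902' name quoted in the post."""
    digits = sum(c.isdigit() for c in stem)
    letters = sum(c.isalpha() for c in stem)
    return len(stem) >= 8 and digits >= 3 and letters >= 3

def triage(entries):
    """Return (name, path, reasons) for startup entries worth a manual look."""
    findings = []
    for name, command in entries:
        path = exe_path(command)
        stem = ntpath.splitext(ntpath.basename(path))[0]
        reasons = []
        if any(d in path.lower() for d in SUSPECT_DIRS):
            reasons.append("runs from a data/temp folder")
        if looks_random(stem):
            reasons.append("random-looking file name")
        if reasons:
            findings.append((name, path, reasons))
    # Entries that match both signals are listed first.
    return sorted(findings, key=lambda f: -len(f[2]))

# Constructed sample of startup entries (name, command), not from a real machine.
SAMPLE = [
    ("jusched", r'"C:\Program Files\Java\jre6\bin\jusched.exe"'),
    ("oHaKo00902", r'"C:\Documents and Settings\All Users\Application Data\oHaKo00902\oHaKo00902.exe"'),
    ("updater", r"C:\Users\Joe\AppData\Local\Temp\setup.exe /silent"),
]

if __name__ == "__main__":
    for name, path, reasons in triage(SAMPLE):
        print(f"{name}: {path} ({'; '.join(reasons)})")
```

A legitimate installer can trip either signal on its own, so an entry matching only one reason is a prompt to check the file, not a verdict.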






CalifChick -> RE: computer help: virus removal (12/11/2010 11:43:00 AM)

Restart your computer in safe mode (tap F8 on startup), try opening Malwarebytes from there and scan your system. If that doesn't work, go to this help forum from spywarewarriors, read the stickies at the top for info on how to proceed, then post your HijackThis logs and other info. I went there with a problem and had a response in less than 24 hours. I have full confidence in their advice.

Cali




NocturnalStalker -> RE: computer help: virus removal (12/11/2010 4:49:08 PM)

I don't know if this will help you or not, but MalwareBytes is probably the best program you can possibly attain to remove all that sort of stuff. Be sure to update it frequently, though. 




sunshinemiss -> RE: computer help: virus removal (12/11/2010 6:39:10 PM)

It must be said...

Smart, geeky men are hawt.  (and so are you Constanze and Cali!)




frazzle -> RE: computer help: virus removal (12/12/2010 3:49:31 AM)

Probably not the answer you want to hear, but 2 people I know who've had that virus have had to reload the operating system; the 3rd only got rid of it after hours of trouble, and he's a computer whiz.




LadyConstanze -> RE: computer help: virus removal (12/12/2010 6:13:52 AM)


quote:

ORIGINAL: sunshinemiss

It must be said...

Smart, geeky men are hawt.  (and so are you Constanze and Cali!)



I'm a Mac user and despite bitching regularly about how overpriced they are and what they don't do, when it comes to viruses, much less of a headache.

I had a similar virus a few years ago on a regular PC, a friend who is a super geek tried for days to get rid of it, nothing, we bought a rather good cleanup prog, still didn't get rid of everything as often the files copy and rename themselves. It was a complete reinstall of the OS in the end.

Usually how you get them is something pops up and asks you if you want to download something completely else, it doesn't matter if you press yes or no, as both will enable the download, the only way to get rid of them is actually shooting the browser down, anything else you click will download...

They usually try to sell you a cleanup prog, in 99% of all cases it does sweet eff all and it's only a way to harvest your credit card information, so any antivirus software you buy, make sure it is not the popup that tells you you got the virus...




Termyn8or -> RE: computer help: virus removal (12/12/2010 7:20:49 AM)

"make sure it is not the popup that tells you you got the virus"

Yup, I just went through the fake scan scam recently. I like AVG. Every once in a while it pops up and says "scan complete" and that's about it. The PC still runs.

T




LadyConstanze -> RE: computer help: virus removal (12/12/2010 7:27:49 AM)


quote:

ORIGINAL: Termyn8or

"make sure it is not the popup that tells you you got the virus"

Yup, I just went through the fake scan scam recently. I like AVG. Every once in a while it pops up and says "scan complete" and that's about it. The PC still runs.

T



Part of various scams is that the virus acts like an anti-virus program and wants to harvest your CC details, though one thing they do is slow your computer down and make everything a royal pain in the lower back...




Termyn8or -> RE: computer help: virus removal (12/12/2010 7:35:16 AM)

Do you mean near the canal zone?

T




DCWoody -> RE: computer help: virus removal (12/12/2010 7:35:47 AM)

If you have Spybot installed, unhide hidden folders and look for a 'sajjskajkasd.scr' (where 'sajjskajkasd'=anything) in Spybot's folders. It's a way of running Spybot via a screensaver rather than an exe, which can often get around the blocking of anti-virus programs some of these things do.

If that doesn't work, I'd suggest ComboFix... but that's not without its risks. Really... start a thread on some malware removal forum and follow an expert's instructions.



