Can't get rid of viruses, tried everything

By bienian
Ok let me give you a quick overview of what's going on here. Basically I have been experiencing random disconnects from the internet. I just got a new router thinking that was the problem; well, now I am second-guessing myself because it is doing the same thing again. I also get virus alerts from time to time, but I have conducted all the tests in my power to get rid of them but they just keep popping up out of nowhere. My antivirus takes care of them immediately, but they shouldn't even be showing up in the first place. Also, I notice on the back of my computer that the network cable is lighting up, meaning it's transferring data. This usually happens late at night when I'm not using the comp; is this normal? I have done a HijackThis search but I'm really not sure what to look for, so I was hoping I could post the results of all 3 computers' searches and you guys would be able to tell me what is wrong.

This conversation is currently closed to new comments.

13 total posts (Page 1 of 2)

All Answers

Start here

by Tig2 In reply to Can't get rid of Virus's ...

Boot to safe mode and re-run your AV scans. Do your spy scans too. See what you get.

Please post back the products you are using for AV, spy/mal ware, and firewall. It could make a difference as well.

I think that Hijack This has a website that you can post results to for analysis. In general, they also have the best advice for whatever problem they find.

Good Luck!

Here are some steps to take...

by CaptBilly1Eye In reply to Can't get rid of Virus's ...

First of all, your AV program may be giving you alerts because old pieces of a previous infection are being stored in old XP System Restore points.
If you are sure you do not want to try a system restore first (Start - All Programs - Accessories - System Tools - System Restore), then here is how you clean them up:
Right click My Computer and select Properties.
Click the System Restore tab.
Put a check in front of 'Turn Off System Restore' and click Apply, Yes and OK.
Reboot the system.
Right click on My Computer again, select Properties and the System Restore tab and now remove the check, click Apply and OK.

Now, let's make sure any infection is gone.
Here is a free on-line scan offered by BitDefender: http://tinyurl.com/aauh5 .
And another by TrendMicro: http://tinyurl.com/2xis .

I would also use this tool: RootKitRevealer (http://tinyurl.com/y3hgq9)
and AVG's free RootKit detector and Remover: (http://tinyurl.com/35jq2t)

If you determine that there is indeed a particular virus still involved,
I recommend you go here:
http://tinyurl.com/hnsvd .
TrendMicro has always been my favorite source for virus information and removal.

My second choice would be BitDefender. Here's a link to their extensive library of free removal tools:
http://tinyurl.com/y6opnp

There is a slight chance that your situation may be due to Spyware, Adware or Malware.
Here are excellent tools for removing spyware, malware and adware:
Note: once installed, it is best to run scans while in Safe Mode - (not Safe Mode with Networking)

Ad-Aware:
http://tinyurl.com/5kgsl

Spybot Search & Destroy:
http://tinyurl.com/78ubw

CWShredder:
http://tinyurl.com/5lstv

X-Cleaner Micro:
http://tinyurl.com/357tuu

When you finally get everything cleaned up and running smooth, here are great tools to help you avoid getting that garbage again:

SpywareBlaster:
http://tinyurl.com/g1d9

SpywareGuard:
http://tinyurl.com/3yj37

and to quickly clean out the places where their installers usually hide before you shut down or reboot - ATF-Cleaner:
http://tinyurl.com/kqmvp

If after these steps you still feel there is a problem that may be related to a virus or adware, spyware or malware, a HiJackThis log file would be a good idea. However I recommend that you post it in a place that is dedicated to interpreting them rather than at TechRepublic.
Here are the best ones:
http://tinyurl.com/2lzs2j
http://tinyurl.com/o57mw
Make sure you post the log as instructed by them and in the place designated specifically for that purpose.

If you are interested in learning how to decipher them yourself here is a source:
http://tinyurl.com/j3yvf

Oh and in answer to your question... Yes, it is normal for there to be some small transmission activity when you are away from and not using your system. Your own ISP will be behind some of that. Plus programs that are scheduled to search for updates on-line will also contribute.


Good Luck.
Please let me know if this helps.
<edited once I saw that TiggerTwo was responding at the same time I was... did I cover it all, Tig?>


[It is greatly appreciated if you tag all useful responses as 'Helpful' by opening those posts and clicking the 'Mark Helpful' button at the bottom. That way, people with a similar situation in the future will be able to quickly see what ultimately helped. Thanks.]

Better than me, Cap't!

by Tig2 In reply to Here are some steps to ta ...

That is what I get for posting in a hurry!

And the thumb goes to...

Cap't Billy!!!

thanks but you led the way....

by CaptBilly1Eye In reply to Better than me, Cap't!

I just type too slow. :)

Did you get it handled?

by CaptBilly1Eye In reply to Can't get rid of Virus's ...

What was the outcome?

Not Really

by bienian In reply to Did you get it handled?

Haha, funny of you to ask right now. I actually just got another Trojan Downloader out of nowhere; it just appeared. I ran all of the tests you gave me and I have done many HijackThis scans and got rid of some suspicious stuff. So where should I go from here? I am still getting attacked by hackers.

How much time?

by ctrservices In reply to Not Really

Often, it is better and faster in the long term to reinstall the OS (delete partitions, reformat, and setup from factory disks). If you try to use the recovery partition included on many PCs sold today, the partition often has been corrupted by spyware, and will just reinfect the new installation made from the recovery partition.

When you finally recover from the problem, manually scanning weekly with two good spyware scanners will usually take care of any nasty software corrupting your system like this. If you try to rely on automatic scanning, you will never be aware of problems until it is too late to easily correct them.

Internet Problem

by bienian In reply to How much time?

Is there anything else that I could try to get rid of the virus? Now my internet is getting cut off or leeched by someone else. This happened at the same time my cable splitter got messed up and had to be replaced by Time Warner, kinda odd. I hope this issue can be fixed without a reformat, but it may be the inevitable solution. Sucks though cuz I'll have to reformat all 3 comps on the network. My internet goes off and on now or is just really slow. I hope this hacker didn't mess my router up; is this possible? It's a brand new router, by the way.

Sorry

by ctrservices In reply to Internet Problem

CaptBilly1Eye's program to eradicate problems looks about as complete as you can get. Probably time to "bite the bullet" and reformat.

Be sure you isolate all PCs from each other and the Internet, rebuild one PC at a time, connect it to the Internet for updates.

Also, don't forget to scan (AV and Spyware) any files saved from these PCs first before you install them on the freshly rebuilt PCs.

Safe Mode with Networking

by sgt_shultz In reply to Internet Problem

Hi, you sound like you have one of the many reinfecting viruii. You can surf for now using Safe Mode with Networking boot option. (btw, if that ends your symptoms you proved it is spyware/virus related, not hardware related.)
You probably are going to have to post the HijackThis log at www.castlecops.com. Be prepared for a bit of back and forth with them, but it's worth it. You need system monitoring tools and programming ability to kill these recurring ones and they will write you a tool or direct you to an existing one. I applaud you wanting to fix w/o reinstalling; however, I think that is not a wise course of action in the long run as you cannot be completely sure that your system is hacker safe after having been compromised like that. If you do reinstall, consider imaging your virgin installation for future use...
