Just got my 1st serious Virus and can't get rid!
Thread Starter
Scooby Regular
Joined: Mar 2005
Posts: 225
Likes: 0
Just got my 1st serious Virus and can't get rid!
I have had my laptop for 4 years and just picked up my 1st virus that i have been unable to remove manually.
I keep getting a red x in the task bar with the message"your computer has been infected"
I dont run with any anti-virus software and guess i have been lucky up until now.
I installed Spydoctor and ran the scan, but it then wants me to purchase the full version online.
I tried to install windows defender this morning but it only got so far before it stopped saying that i may not have enough priviliges, even though i am the only admin on the laptop.
I am now thinking of popping to PC world and buying something like norton anti virus.
Would this be capable of removing the virus ?
I keep getting a red x in the task bar with the message"your computer has been infected"
I dont run with any anti-virus software and guess i have been lucky up until now.
I installed Spydoctor and ran the scan, but it then wants me to purchase the full version online.
I tried to install windows defender this morning but it only got so far before it stopped saying that i may not have enough priviliges, even though i am the only admin on the laptop.
I am now thinking of popping to PC world and buying something like norton anti virus.
Would this be capable of removing the virus ?
Moderator
Joined: Dec 1998
Posts: 23,573
Likes: 0
From: Staffs
Sounds like the fake AV doing the rounds, which goes under different names like XP Antivirus 2008.
I've found Malwarebytes does a good job at cleaning up the PCs I've found it on. There's a free version too.
I've found Malwarebytes does a good job at cleaning up the PCs I've found it on. There's a free version too.
Scooby Regular
Joined: Mar 2003
Posts: 2,654
Likes: 1
Download Nod 32 trial and see how it goes, you may have to purchase it to remove any problems but it's probably one of the best and quickest on the market.
Antivirus Software - from ESET
Viruses are a pita to remove once you're infected so it may be easier to format. Prevention is better than cure
Antivirus Software - from ESET
Viruses are a pita to remove once you're infected so it may be easier to format. Prevention is better than cure
Scooby Regular
Joined: Sep 2001
Posts: 10,261
Likes: 0
From: A powerslide near you
Scooby Regular
Joined: Oct 2004
Posts: 8,328
Likes: 0
From: There is only one God - Elvis!
I've got this myself, have got rid of the viruses but have an annoying message on my desktop background of 'your computer is infected blah, blah'
Just cant seem to get rid of it.
Just cant seem to get rid of it.
Thread Starter
Scooby Regular
Joined: Mar 2005
Posts: 225
Likes: 0
this is the log file of the scan with malwarebytes-fingers crossed it did the trick, although i then got a message to say that some files windows needed to run properly had been replaced/altered and that i should insert my windows cd-which i cant bloody find!
Malwarebytes' Anti-Malware 1.25
Database version: 1088
Windows 5.1.2600 Service Pack 2
11:07:55 27/08/2008
mbam-log-08-27-2008 (11-07-55).txt
Scan type: Quick Scan
Objects scanned: 75680
Time elapsed: 31 minute(s), 4 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\buritos (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\karina.dat (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\karina.dat (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winivstr.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\beep.sys (Fake.Beep.Sys) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dllcache\beep.sys (Fake.Beep.Sys) -> Quarantined and deleted successfully.
C:\WINDOWS\buritos.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.25
Database version: 1088
Windows 5.1.2600 Service Pack 2
11:07:55 27/08/2008
mbam-log-08-27-2008 (11-07-55).txt
Scan type: Quick Scan
Objects scanned: 75680
Time elapsed: 31 minute(s), 4 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\buritos (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\karina.dat (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\karina.dat (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winivstr.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\beep.sys (Fake.Beep.Sys) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dllcache\beep.sys (Fake.Beep.Sys) -> Quarantined and deleted successfully.
C:\WINDOWS\buritos.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Yep would try superantispware, in my view one off the best for cleaning out this type off thing, may well just be spyware as opposed to an actual virus ??
funny enough have recently started to get this " you may not have enough privellages etc mesage " when trying to open one or two programmes recently strangely enough this was also when trying to run one or two other security related programmes that I had recently d/loaded. even thou I like youself am the only user off the actual pc.
funny enough have recently started to get this " you may not have enough privellages etc mesage " when trying to open one or two programmes recently strangely enough this was also when trying to run one or two other security related programmes that I had recently d/loaded. even thou I like youself am the only user off the actual pc.
Trending Topics
Scooby Regular
Joined: Nov 2007
Posts: 754
Likes: 0
From: Webbed Feet Land
Scooby Regular
Joined: Sep 2001
Posts: 1,822
Likes: 0
From: Suffolk
Use the SDFix.exe tool to remove this, can be downloaded from here - Bleeping Computer Downloads: SDFix
You need to run the .exe file in normal mode which extracts the files to a "sdfix" folder on your C:\ drive then reboot to safe mode and run the "runthis" file which is in C:\sdfix. You have to press "y" to start the scan, this can then take a while as scans your PC.
Once complete reboot your PC and let it boot normally.
Once removed you should be able to change your wallpaper as the virus changes your wallpaper showing the "your infected" message and sets a policy which stops you from changing the desktop settings.
You need to run the .exe file in normal mode which extracts the files to a "sdfix" folder on your C:\ drive then reboot to safe mode and run the "runthis" file which is in C:\sdfix. You have to press "y" to start the scan, this can then take a while as scans your PC.
Once complete reboot your PC and let it boot normally.
Once removed you should be able to change your wallpaper as the virus changes your wallpaper showing the "your infected" message and sets a policy which stops you from changing the desktop settings.
Thread
Thread Starter
Forum
Replies
Last Post
Mattybr5@MB Developments
Full Cars Breaking For Spares
12
Nov 18, 2015 07:03 AM