1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Annoying Virus

Discussion in 'Windows & Other Software' started by TripleT, 7 Feb 2006.

  1. TripleT

    Sgarrista

    Joined: 24 Oct 2002

    Posts: 9,424

    Location: Manchester City Centre

    Evening :)

    I've had this virus for a while now and I've kinda lost the will to try and get rid of it (yes I'm that lazy!)

    I've got Norton but that can't shift it for some reason.

    This:
    [​IMG]
    Is constantly on the screen, then you click it and it changes to this:
    [​IMG]

    And it kind of goes round in a visious circle :p

    I'm stumped, any idea please as it's really annoying me :p

    Cheers.
     
  2. mmj_uk

    Capodecina

    Joined: 26 Dec 2003

    Posts: 24,314

    format c:

    :p
     
  3. M0KUJ1N

    PermaBanned

    Joined: 17 Mar 2004

    Posts: 1,486

    Location: Edinburgh

    looks like a pretty nasty infection you've got there buddy. The symantec website
    http://securityresponse.symantec.com/avcenter/venc/data/trojan.superspider.html
    recommends running a full scan in safe mode, and then checking that all the registry entries are deleted, and if not, removing them manually. I'd also run Microsoft anti-spyware/adaware/spybot in safe mode just to be sure. Also, run hijackthis and post the log here if the above methods don't shift it.

    If you don't know where to find any of the above, google them [/bofh]. Good luck :)
     
  4. AJUK

    Man of Honour

    Joined: 14 Nov 2003

    Posts: 10,949

    Have you tried clening out your restore, sometimes they lurk in there. I would then reboot in safe mode and do a scan again. Clean out the virus and then reboot normally and scan again.

    If that doesn't work do a search for online virus scans such as Trend Housecall or Panda and see if they shift it. Another thing to do is download Bitdefender Free version which is an on demand scanner only and so won't interfere with Norton and then scan with that, after temporarly shutting down Norton first.

    You should also consider ditching that Norton bag of crap as well and usin NOD32 or Avast. ;)
     
  5. dunc

    Mobster

    Joined: 23 Oct 2003

    Posts: 2,755

    Location: Selma, Alabama

    I would try Ewido . It is free for 30 days I think. Does a damn good job at removing trojans.

    Dunc
     
  6. bledd

    Don

    Joined: 21 Oct 2002

    Posts: 46,688

    Location: Parts Unknown

  7. AJUK

    Man of Honour

    Joined: 14 Nov 2003

    Posts: 10,949

    I second Ewido, possibly the best all round malware cleaner I have come across. I use Avast and Ewido as my antivirus and antispyware combination. Never get a problem. :)
     
  8. uknorthboy

    Gangster

    Joined: 30 Oct 2005

    Posts: 351

    Wow, just downloaded and used Ewido, found some nasties on my pc that spybot missed, thanks for the recommendation.
     
  9. ACPCUP

    PermaBanned

    Joined: 12 Sep 2005

    Posts: 1,165

    Location: Up A Tree

    Thing is, do these programs actually find things or generate them to make you think you have found something nasty!!
     
  10. AJUK

    Man of Honour

    Joined: 14 Nov 2003

    Posts: 10,949

    Now that has opened a whole can of worms. There is lots of information about rogue antispyware/antivirus software, some of them use false positives to encourage purchase, others are just spyware themsleves. :)

    I wouldn't class Norton or Ewido in that way though.
     
  11. TripleT

    Sgarrista

    Joined: 24 Oct 2002

    Posts: 9,424

    Location: Manchester City Centre

    Cheers for all the replies.

    I'll try everything mentioned and post back :)

    Cheers again ;)
     
  12. Monstermunch

    Wise Guy

    Joined: 7 Mar 2005

    Posts: 1,597

    Location: Eating PI

  13. TripleT

    Sgarrista

    Joined: 24 Oct 2002

    Posts: 9,424

    Location: Manchester City Centre

    Well I downloaded that Ewido and did a full scan (hdd, memory, everthing) and it came back with 412 infections :p Got rid of them all and it seems to have taken that virus with it! Yay :D

    I looked at the Startup report and there seems to be alot of **** in there. Could anyone take a look at this please and tell me what to get rid of? (and also how! :p)

    [​IMG]

    Next I'm going to ditch Norton like you said (the Subscriptions up anyway) and get avast and adaware. Will I need to run these or will they just do what Ewido has just done?

    Cheers again fellas :)
     
  14. TripleT

    Sgarrista

    Joined: 24 Oct 2002

    Posts: 9,424

    Location: Manchester City Centre

    Looking good so far, good guild :)

    Should I be worried? I had 16.4gig free, I've just checked again after running Ewido and CCleaner and I now have 22.8gig free?! :p

    Urm seriously clogged machine?
     
  15. TripleT

    Sgarrista

    Joined: 24 Oct 2002

    Posts: 9,424

    Location: Manchester City Centre

    Ok sorry for all the questions :p

    Pretty much finished now and it's much better thanks :D (Would just like to know about the startup items 2 posts up please).

    Sadly I'm now getting something else coming up on start-up:

    [​IMG]

    Anyone know how to get rid of it?

    It's only coming up on my fathers profile, it was on mine but then I did something and it went, no idea what though :p

    Cheers ;)
     
  16. benjo plz.

    Capodecina

    Joined: 15 Jan 2004

    Posts: 14,208

    Location: Hall

    Magnet tbh.
     
  17. Mr Blonde

    Caporegime

    Joined: 18 Oct 2002

    Posts: 30,872

    Location: Liverpool -> London

  18. leezer3

    Mobster

    Joined: 18 Jan 2006

    Posts: 2,930

    Location: Norwich

    Sorry mate, but it looks to me as if your PC still has loads of junkware installed.
    That P2P Networking entry starting from C:\Windows\System32\P2P Networking is a junkware addon for Kazaa, & will only wreck your speeds. (Use a decent P2P- Shareaza!)
    Red Swoosh- Another pretty much junkware P2P client ( http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453086763 )

    -Leezer-
     
  19. AJUK

    Man of Honour

    Joined: 14 Nov 2003

    Posts: 10,949

    WHen you install Avast it will ask you if you want to do a boot time scan, say yes and it will search every last nook and cranny for the bad guys before Winblows starts proper. If it finds anything it will quarantine or remove it. Staright after boot sweep with Ewido again. As long as you have emptied your restore everything should be fine.

    Failing that, /format c: :)
     
  20. stoofa

    Capodecina

    Joined: 4 Mar 2003

    Posts: 11,925

    Location: Chatteris

    The only reason Norton is failing to clear the problem on this PC is because the detection of the infection is being done when Windows has been booted normally - the files are locked by the OS so of course they can't be cleared.
    Any software would have run into the same problem clearing this infection.

    Just mentioning this to dispell the usual BS about Norton being "rubbish".
    But hay - it's like telling people to stop saying M$, Micro$oft and bashing AOL.
    It appears to be the fashion to do so even by the uneducated...

    I think it is safe to say that at some stage this machine has been online without any AV software running or outdated definitions.
    Either prior to Norton being installed or due to it being turned off by the user so that they can get those important 10 or so more 3DMarks (or similar) as Norton's constant checking (as all AV software does) would have detected the infection as it was coming in.

    The key to removal these days is doing the full scans in safe mode as this is the only way you can be sure that the infected files won't be locked by the OS.
    System restore should also be turned off - however I would recommend you do not do this until you are sure that your machine is clean.
    It maybe that using System Restore is the only way to get your machine back into operation and switching System Restore off will delete all of your restore points.