|Hi Tom and company!!|
You guys were so helpful with a horrid virus I had years ago (Beast I think it was) that when my friends laptop was handed to me horribly infected after about 12 hours I discovered hundreds of adware/spyware/toobare programs, I decided to come here to ask for some help. My first discovery was that his browser was grinding to a halt, constant timeouts, shockwave crashing etc. Well I was just about to close browser (chrome) and Zone Alarm (just had him install that the other day) popped up a warning that "Tidy2.exe (or very similar) wants to access the internet. Well I knew that had to be bogus so I denied it and dug it up and manually deleted it. Decided I better run some tools and see what was up. Ran Avast, found nothing, ran Malware bytes, again nothing. thought this was weird cause I know SOMETHING is on there, go digging thru the processes and I find an entry I dont know, WebCake.exe *32, try to shut it down , wont let me, head to services , nothing there, pop up the administrator services button (he uses windows 7) and find Webcake updater, disable it, still wont let me delete the exe*32 file. Manually go find the file (this took forever) and in the process discover some unerving things. apparently he has had this virus since early april on his computer and its been busily downloading other things, One thing it has done is created another administrator account, the normal one is just (computer name/administrator) the new one is (computer name/administators) and this new admin name has taken ownership of all kinds of files on computer, and blocked regular admin from accessing them. I cant give his admin account permission to do much of anything. searched out webcake online on MY comp, was suggested to get "spyhunter" so I did, ran it, it found 523 threats, but wont remove them unless he buys it (we are just two stuggling guys, we simply havent got money to buy a strong AV or spyware program at the moment), so I have been trying to manually dig up the found viruses, but none of them are removable since the whole OS has basically been hijacked. after finally managing to get rid of a couple of toolbar programs that were hiding I ran avast again , MB again, both still nothing, just now did reboot and boot scan (its running as we speak) and avast actually has found one thing so far (moved it to chest) called win32: DomaIQ-J [PuP] . still running may find more, but hoping I can get some advice/help since none of the standard tricks are working. Thanks ahead of time, I have always recommended this site since I got help from you in 08 with the virus I had on my old comp, and since then because of your advice, ive stayed virus free for 5 years now, got a bit of adware a couple of times, but was detected and gone faster than it could cause a problem because your advice has kept my comps pretty secure!!! hope to hear from you soon!!! Thanks a ton, Kundalimon
It is compassion rather than the principle of justice which can guard us against being unjust to our fellow man.