Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
Last night my computer was infected from a virus and hijacked. The virus has changed my controls: I cannot chenge my disply/themes, task manager, C drive, a majority of my desktop icons. I get a 404 error when trying to access the internet. It was popping up fake spyware errors every 2 minutes, and had manipulated my internet to where only THEIR (fake) spyware sites come up. I have since tried running anti-virus in safe mode and normal mode. I have run AVG antivirus, AVG antispyware, Microsoft Malicious Software Removal, and lastly SUPERanti-spyware. Each program has located and removed/quarrantined numerous viruses, trojans, and spyware. However, I still cannot access my task manager, desktop, or C drive (C-drive I can access through backdoor manners). Is there ANYTHING that will effectively and thoroughly get rid of this junk, preferrably FREE or free trial???? It seems to be EVERYWHERE. I really don't want to lose my 75 gigs of music, 75 gigs of video, or 1,000s of pictures. Thanks you!
Before doing something as drastic as reformatting, I would try running the same scans in safe mode. I would also try running Super Anti Spyware Terminator from the Ultimate Boot CD for Windows. Download it from and burn it to a CD. You would have to make sure that your bios is set to boot from the cd drive before the hard drive.
0 
"You would have to make sure that your bios is set to boot from the cd drive before the hard drive."
As far as the above you made, how do I do this?
I have the website of theboot thing, and am having my wife copy it to disc from her laptop and will try that as soon as SUPER anti-spyware is done in safemode. Thanks!
0
Look for something like boot order in the bios. To get into the bios, you would have to keep tapping a certain key, like the delete key, though it might be different on your computer, such as the F1 key.
0
Make sure you turn off system restore, before running anti-virus programs, else you'll just get re-infected. It means you'll lose all your restore points, but at least you can start again with clean points.
Please let us know if you found someone's advice to be helpful.
0
Download & run CCleaner. And make sure to turn off system restore as was suggested above.
http://www.filehippo.com/download_c...
Also, run MSCONFIG from the start menu & check the startup tab. Uncheck anything suspicious.
0
And maybe the first thing you should do is back up all your music, videos, photos, etc. You should have been doing that all along.
0
Thank you to everyone everyone with *helpful* and *positive* advice. I'm currently doing several anti-virus programs over and over until nothing is left to remove, and am in the process of copying the UBCD4WIN build to CD for use. Thanks again, I'd have been lost without you!
0
THANKS TO DOUG KNOX!!!!!! This gives back access to REGEDIT!
http://www.dougknox.com/security/sc...
regtools.vbs - Disable/Enable Registry Editing tools in Windows
© Doug Knox - rev 01/10/2000 This code may be freely distributed/modified.
Usage: Download regtools.vbs Save the file to the folder of your choice. Double click the VBS file. The VB Script file will check for the appropriate value and if not found will create it. If the value was found, it will be toggled to its opposite state and you will be informed that you need to log off/back on or restart your computer. One note. This change is made in HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System. Disabling the tools takes effect immediately. Enabling requires a restart. This script can be viewed in Notepad or any text editor, as to the specific Registry key and value that are updated. Your antivirus software may report this script as potentially malicious, or a possible virus. This is because the script writes to the System Registry.Then go to regedit and edit the following
HKEY_CURRENT_USER
SOFTWARE
MICROSOFT
WINDOWS
CURRENT VERSION
POLICIES
EXPLORERONCE YOU GET HERE START AT THE BOTTOM OF THE LIST AND DELETE THE ENTRIES----YOU CAN DELETE THEM ALL BUT I LEFT THE TOP ONE WHICH IN MY CASE WAS “ AB DEFAULT”
Then, check the registry to see if "NoDispCpl" had been added.
"Deny Access to the Display Settings"
http://www.winguides.com/registry/d...User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
\System]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
\CurrentVersion\Policies\System]
Value Name: NoDispCPL
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = disabled, 1 = enabled)
In regedit use the edit option to FIND any of the following entries in the registry
DisableRegistryTools delete any entries found
DisableTaskMgr delete any entries found
NoDispCpl delete any entries found
Virus Alert!
Also if the worm put VIRUS ALERT! By the time go control panel---regional and
Language----click customize---------and delete VIRUS ALERT!
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
