I've got a virus

TheCenturion

TheCenturion

TheCenturion

Soldato
Joined
18 Mar 2008
Posts
12,751
YAY!! :rolleyes:

Okay, this one's a sneeky one, but I reckon it'll be easy to remove. I'm not sure what it is, but it has closed Microsoft Security Essentials. This virus shows itself as a shield icon in the desktop tray. It's trying to pass itself off as a security suite. Unfortunately I can't right click and close it.

It keeps giving me popups like "file realplay.exe is infected". Popups which your average joe would probably be taken in by, but are very obviously fake.

I got into safe mode and ran Security Essentials and MalwareBytes, but they both just came out with loads of Adware that's on my pc. But Security Essentials did say that there was an "unkown" exe in temporary internet folders. It couldn't remove it, as it was unknown so I have to update my virus definitions. problem is that in safe mode, I can't connect to the internet. What I could do is to run the scan again, find out the name of the file, and then simply delete it from the folder. Would this work?

Thanks
 
have you tried to schedule an error checking. it Automatically fixes files systems errors and scan for attempt recovery of bad sectors. I had i virus that closed applications so I did it in safe mode and it fixed it so it might work.
 
How strange, a friend called me this morning to fix his PC it had this same problem! I fixed by booting in safemode, start - run type msconfig click the startup tab, now I cant remember what its called in there and it probably uses random file names but you should be able to figure out what it is (or post a screenshot) just untick it then delete the file and reboot.
 
Mik3 said:
How strange, a friend called me this morning to fix his PC it had this same problem! I fixed by booting in safemode, start - run type msconfig click the startup tab, now I cant remember what its called in there and it probably uses random file names but you should be able to figure out what it is (or post a screenshot) just untick it then delete the file and reboot.
Click to expand...

There's loads of random stuff that I don't recognise, could it be all of them?
 
PapaLazaru said:
I had this recently and removed it without too much bother.

I downloaded rkill which stops it working and tells you were it is hiding. Get it from here - http://www.bleepingcomputer.com/forums/topic308364.html

I then ran MalwareBytes. Did not need to go into safe mode or anything as rkill stops it and it will remain that way until you reboot.

MalwareBytes quarantined it no problem. :)
Click to expand...

problem is that I can't get rkill because when I try to run the internet, it keeps saying stuff like "chrome.exe is infected" etc
 
Anant, lots of us had this recently, there's a few threads on it search them out.

I created a new acount, from that ran MSE, and combofix, which sorted it, then logged back in to other account and ran MSE again.
 
anant_shah94 said:
The virus won't even let me start task manager in normal mode :(

Literally no programs will start so the only way I can beat it is through safe mode
Click to expand...

yes thats what happened to me so in safe mode just do this and some programs will work.

right click ----> properties ----> tools ----> the first one "This option will check the volume for errors"
 
Stupot_ said:
Anant, lots of us had this recently, there's a few threads on it search them out.

I created a new acount, from that ran MSE, and combofix, which sorted it, then logged back in to other account and ran MSE again.
Click to expand...

I ran MSE in safemode and it couldn't detect it though :confused: Also, as I said, no programs will run unless in safe mode. About to run combofix from safe mode.
 
You must log in or register to reply here.
Back
Top Bottom