Annoying Virus

Soldato
Joined
24 Oct 2002
Posts
9,653
Location
Manchester City Centre
Evening :)

I've had this virus for a while now and I've kinda lost the will to try and get rid of it (yes I'm that lazy!)

I've got Norton but that can't shift it for some reason.

This:
virus1.jpg

Is constantly on the screen, then you click it and it changes to this:
virus2.jpg


And it kind of goes round in a visious circle :p

I'm stumped, any idea please as it's really annoying me :p

Cheers.
 
looks like a pretty nasty infection you've got there buddy. The symantec website
http://securityresponse.symantec.com/avcenter/venc/data/trojan.superspider.html
recommends running a full scan in safe mode, and then checking that all the registry entries are deleted, and if not, removing them manually. I'd also run Microsoft anti-spyware/adaware/spybot in safe mode just to be sure. Also, run hijackthis and post the log here if the above methods don't shift it.

If you don't know where to find any of the above, google them [/bofh]. Good luck :)
 
Have you tried clening out your restore, sometimes they lurk in there. I would then reboot in safe mode and do a scan again. Clean out the virus and then reboot normally and scan again.

If that doesn't work do a search for online virus scans such as Trend Housecall or Panda and see if they shift it. Another thing to do is download Bitdefender Free version which is an on demand scanner only and so won't interfere with Norton and then scan with that, after temporarly shutting down Norton first.

You should also consider ditching that Norton bag of crap as well and usin NOD32 or Avast. ;)
 
dunc said:
I would try Ewido . It is free for 30 days I think. Does a damn good job at removing trojans.

Dunc
I second Ewido, possibly the best all round malware cleaner I have come across. I use Avast and Ewido as my antivirus and antispyware combination. Never get a problem. :)
 
ACPCUP said:
Thing is, do these programs actually find things or generate them to make you think you have found something nasty!!

Now that has opened a whole can of worms. There is lots of information about rogue antispyware/antivirus software, some of them use false positives to encourage purchase, others are just spyware themsleves. :)

I wouldn't class Norton or Ewido in that way though.
 
Well I downloaded that Ewido and did a full scan (hdd, memory, everthing) and it came back with 412 infections :p Got rid of them all and it seems to have taken that virus with it! Yay :D

I looked at the Startup report and there seems to be a lot of **** in there. Could anyone take a look at this please and tell me what to get rid of? (and also how! :p)

startup.jpg


Next I'm going to ditch Norton like you said (the Subscriptions up anyway) and get avast and adaware. Will I need to run these or will they just do what Ewido has just done?

Cheers again fellas :)
 
Ok sorry for all the questions :p

Pretty much finished now and it's much better thanks :D (Would just like to know about the startup items 2 posts up please).

Sadly I'm now getting something else coming up on start-up:

popup.jpg


Anyone know how to get rid of it?

It's only coming up on my fathers profile, it was on mine but then I did something and it went, no idea what though :p

Cheers ;)
 
TripleT said:
Next I'm going to ditch Norton like you said (the Subscriptions up anyway) and get avast and adaware. Will I need to run these or will they just do what Ewido has just done?

Cheers again fellas :)

WHen you install Avast it will ask you if you want to do a boot time scan, say yes and it will search every last nook and cranny for the bad guys before Winblows starts proper. If it finds anything it will quarantine or remove it. Staright after boot sweep with Ewido again. As long as you have emptied your restore everything should be fine.

Failing that, /format c: :)
 
The only reason Norton is failing to clear the problem on this PC is because the detection of the infection is being done when Windows has been booted normally - the files are locked by the OS so of course they can't be cleared.
Any software would have run into the same problem clearing this infection.

Just mentioning this to dispell the usual BS about Norton being "rubbish".
But hay - it's like telling people to stop saying M$, Micro$oft and bashing AOL.
It appears to be the fashion to do so even by the uneducated...

I think it is safe to say that at some stage this machine has been online without any AV software running or outdated definitions.
Either prior to Norton being installed or due to it being turned off by the user so that they can get those important 10 or so more 3DMarks (or similar) as Norton's constant checking (as all AV software does) would have detected the infection as it was coming in.

The key to removal these days is doing the full scans in safe mode as this is the only way you can be sure that the infected files won't be locked by the OS.
System restore should also be turned off - however I would recommend you do not do this until you are sure that your machine is clean.
It maybe that using System Restore is the only way to get your machine back into operation and switching System Restore off will delete all of your restore points.
 
Back
Top Bottom