Urgent: Virus

Schism

Schism

Schism

Associate
Joined
23 Dec 2007
Posts
279
Hey all

Yesterday, I was on my PC, and suddenly a program saying I'd got a virus popped up... I have never heard of this program (something like Virus Checker 2008), but it kept coming up... so I scanned my PC with Xoftspy and it found quite a few worms and trojans, so I tried to remove them, but it didn't work...so I rebooted my PC, and explorer.exe keeps restarting itself, causing the task bar and all shortcut icons to keep flashing every 10 seconds or so...

So I looked at my processes, and I've seen a few things that look dodgy, and I've googled them and they don't seem to want to close!
names:

  • lsass.exe
  • csrss.exe
  • smss.exe

I've tried to stop most services/startups in msconfig, but these are still here, and apparently are stopping me from connecting to any website that is something to do with anti-virus...

So, I'm completely stuck what to do now... could anyone please help me for my PC completely burns out?

Thanks a lot.
 
Also, just running mrt.exe - will let you know how I get on :)

(teaches me to look at other threads that I apparently thought had nothing to do with mine :p)
 
Only problem is... even in safe mode my explorer.exe keeps restarting, making it really hard to actually get to files to rename them! So I'm trying Malwarebytes in safe mode atm without the update ... :)
 
The easiest way is if you have access to another PC and to copy the files on a USB key. I didn't though and just had to persevere in safe mode. It took hours. You could try opening a command prompt and renaming it at the command line. The command prompt won't restart with explorer.
 
emailiscrap said:
The easiest way is if you have access to another PC and to copy the files on a USB key. I didn't though and just had to persevere in safe mode. It took hours. You could try opening a command prompt and renaming it at the command line. The command prompt won't restart with explorer.
Click to expand...

This is how I managed to actually get them onto my PC, but the Superantispyware wouldn't install even after I renamed it anyway...

And I wouldn't have a clue how to renaming in the command prompt! Hehe :)

But the Malware program seemed to run fine anyway in safe mode.
 
Right... so that seemed to work! ... so far.

Just for reference this is what I did:

  1. Started up my PC in safe mode
  2. Downloaded Malwarebytes onto my Macbook, put it on a memory stick then stuck it in my PC
  3. My PC's screen was blank, so I had to Ctrl Alt Delete, File, New Task and then type explorer.exe
  4. RACE through My Computer to find my memory stick to throw it onto my desktop and install (phew)
  5. I couldn't update it, so I just ran it as it was, and it ran perfectly fine, and got rid of the virus!

Hope this helps anyone else that gets it :)
 
Update... Just got back into Windows normally, and manged to update, and there's still a few stragglers left behind :) But the explorer.exe problem is fixed!
 
Not for something like this.
The time to install the OS might be quicker than removing the malware, but when you add on the games, applications, updates etc then it's not worth it.
 
emailiscrap said:
Not for something like this.
The time to install the OS might be quicker than removing the malware, but when you add on the games, applications, updates etc then it's not worth it.
Click to expand...
Agreed but then I use an Acronis Image to restore for myself so its not really a chore.
For any clients PC its normally so infested then is quicker to backup and restore.
 
You must log in or register to reply here.
Back
Top Bottom