|
|
Joined: December 2001 Posts: 10583
Location: NJ | somehow I got this damn PC antispyware 2010 to infect my computer
it disabled
norton 360
norton antivirus
adaware
superantivirus
and
windows defender
any clue how I can rid myself of this PITA????
thanks
al |
|
|
|
Joined: November 2008 Posts: 1119
Location: Michigan | Al,
You may want to call an IT guy. These things tend to infect themselves in many processes and files and can be difficult to find them all. Most of those eggheads (no offense) have dealt with specific viruses and know how to locate them and take them out. My computer guy can rid them in minutes or an hour depending on how creative the virus is. Good luck. |
|
|
|
Joined: October 2008 Posts: 639
Location: NW of Philadelphia | From:
http://windowsprotection.net/how-to-remove-pc-antispyware-2010-pcan...
Download and run this:
http://windowsprotection.net/spyware-doctor/pcantispyware2010/downl...
OR
How to remove PC Antispyware 2010 manually:
To perform manual removal of PC Antispyware 2010, you should do the following:
Delete PC Antispyware 2010 corrupt files:
Remove PC Antispyware 2010 associated registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC_Antispyware2010
HKEY_LOCAL_MACHINE\SOFTWARE\PC_Antispyware2010
HKEY_CURRENT_USER\Control Panel\don't load "scui.cpl"
HKEY_CURRENT_USER\Control Panel\don't load "wscui.cpl"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "PC Antispyware 2010"
Please, note that manual removal of PC Antispyware 2010 is a procedure of high complexity and should be performed with extreme caution. Lack of the required skills and even the slightest deviation from the instructions may lead to irreparable system damage. To ensure trouble-free deletion, it is recommended to use the automatic PC Antispyware 2010 removal tool below:
Good Luck. |
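A read-only check for the registry entries listed in the post above, as an added example (not part of the original post or the quoted site). It reports what is present and deletes nothing; it also lists every value under the Run keys so other startup entries can be reviewed. The HKCU Run key is an addition not named in the post.

```powershell
# Read-only audit for the PC Antispyware 2010 registry entries named above.
# Nothing is modified or deleted; the script only reports what it finds.

# Keys whose mere presence is the indicator (taken from the post).
$keys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC_Antispyware2010',
    'HKLM:\SOFTWARE\PC_Antispyware2010'
)

# Named values that sit under otherwise legitimate keys (taken from the post).
$values = @(
    @{ Key = "HKCU:\Control Panel\don't load"; Name = 'scui.cpl' },
    @{ Key = "HKCU:\Control Panel\don't load"; Name = 'wscui.cpl' },
    @{ Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'; Name = 'PC Antispyware 2010' }
)

$findings = @()

foreach ($k in $keys) {
    $findings += [pscustomobject]@{
        Location = $k
        Value    = '(key)'
        Present  = (Test-Path -Path $k)
        Data     = ''
    }
}

foreach ($v in $values) {
    # Get-ItemProperty returns nothing when the key or the value is missing.
    $item = Get-ItemProperty -Path $v.Key -Name $v.Name -ErrorAction SilentlyContinue
    $name = $v.Name
    $data = ''
    if ($item) { $data = [string]$item.$name }
    $findings += [pscustomobject]@{
        Location = $v.Key
        Value    = $v.Name
        Present  = [bool]$item
        Data     = $data
    }
}

$findings | Format-Table -AutoSize

# List everything that starts at logon from the Run keys, so entries with
# unfamiliar names or blank commands can be reviewed by hand.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'   # not in the post
)

foreach ($rk in $runKeys) {
    $key = Get-Item -Path $rk -ErrorAction SilentlyContinue
    if (-not $key) { continue }
    foreach ($n in $key.GetValueNames()) {
        [pscustomobject]@{
            RunKey  = $rk
            Name    = $n
            Command = [string]$key.GetValue($n)
        }
    }
}
```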
|
|
|
Joined: May 2008 Posts: 1556
Location: Indiana | Hi Al-
Trying to clean the drive is made more difficult as long as the infected drive remains the boot drive because these Trojans are designed to do their dirty work utilizing the permissions (authorities) inherent in their role as the system drive.
The most effective way to clean it is to remove the drive and install it into another computer as a secondary drive. Then run up to date Antivirus and Spyware programs on the drive to clean it. (AVG Free is an excellent Anti-Virus, SuperAntiSpyware and Spybot Search and Destroy are very effective Spyware programs.) Infected drives may take multiple scans until no more issues are reported.
Once clean, reinstall into the original computer.
Best of luck- |
|
|
|
Joined: October 2006 Posts: 5575
Location: big island | it took me 3 1/2 hours to get the "personal antivirus" (which is the same bug) trojan off my stepson's laptop last week. it disabled AVG, gave false warnings and blocked every other site i visited to find out how to get rid of it. my stepson got the trojan from P2P sharing on limewire, which i had warned him about using countless times.
here's what eventually worked for me fast and painlessly: go to "run"/msconfig/startup and uncheck pav.exe
then a fresh download of "spybot" removed the trojan completely. i prefer to use "ccleaner" but it did not recognize this trojan.
this trojan is bogus antivirus/antispyware and offers the solution to fix your troubles for $59.99 or other amounts. they steal your money and have your credit card number and then you are still in ownership of the trojan. |
|
|
|
Joined: October 2006 Posts: 5575
Location: big island | once you disable (uncheck) the trojan's startup file in run/msconfig (type "msconfig" in the box and click OK)/click startup tab) you can reboot your computer and the trojan will be unable to block your legitimate antivirus program. then download spybot to remove the trojan. |
|
|
|
Joined: December 2001 Posts: 7224
Location: The Great Pacific Northwest | Just FYI... Those running F-Prot or F-Secure products will not generally have to worry about such issues.
Much like Al often posts and reposts the "proper" way to ship a guitar, then people complain when they don't follow those directions and have issues... I provide either of these solutions in the same vein.
Neither F-Prot nor F-Secure are available on any production machines as an OEM product hence, they are not a target. So while there is a plethora of worms, trojans, and other cyber-nasties out there that will attack Microsoft, McAfee, Symantec etc... At least for now, these products are relatively immune to those attacks, and have been for many years. |
|
|
|
Joined: December 2001 Posts: 10583
Location: NJ | Originally posted by Auriemma:
From:
http://windowsprotection.net/how-to-remove-pc-antispyware-2010-pcan...
Download and run this:
http://windowsprotection.net/spyware-doctor/pcantispyware2010/downl...
OR
How to remove PC Antispyware 2010 manually:
To perform manual removal of PC Antispyware 2010, you should do the following:
Delete PC Antispyware 2010 corrupt files:
Remove PC Antispyware 2010 associated registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC_Antispyware2010
HKEY_LOCAL_MACHINE\SOFTWARE\PC_Antispyware2010
HKEY_CURRENT_USER\Control Panel\don't load "scui.cpl"
HKEY_CURRENT_USER\Control Panel\don't load "wscui.cpl"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "PC Antispyware 2010"
Please, note that manual removal of PC Antispyware 2010 is a procedure of high complexity and should be performed with extreme caution. Lack of the required skills and even the slightest deviation from the instructions may lead to irreparable system damage. To ensure trouble-free deletion, it is recommended to use the automatic PC Antispyware 2010 removal tool below:
Good Luck. joe
that site wants to buy some software |
|
|
|
Joined: October 2008 Posts: 639
Location: NW of Philadelphia | Ever since I started using AVAST!, I haven't had any issues. *knock on wood* |
|
|
|
Joined: October 2006 Posts: 5575
Location: big island | i came across several sites offering a fix for these trojans. methinks they are operated by the same folks that gave birth to them or are other parties trying to cash in on unsuspecting/ignorant folk. |
|
|
|
Joined: December 2001 Posts: 7224
Location: The Great Pacific Northwest | Originally posted by lanaki:
i came across several sites offering a fix for these trojans. methinks they are operated by the same folks that gave birth to them or are other parties trying to cash in on unsuspecting/ignorant folk. Exactly.. Any supposed "fix" should only be retrieved from a known reliable source.
While I am a fan of Open Source software for working such as Open Office, Gimp, etc... When it comes to data protection, you truly do get what you pay for. There are some really nice freeware packages like AVR, or Adaware, but if you are really concerned about protection, $35-$50 a year seems like a worthwhile investment.
I usually ask people... "If your computer got infected, would you care if it was just formatted and you lost all your data." If the answer is "I don't care, I don't keep anything worth saving on my computer".. then I recommend AVR, AdAware and ZoneAlarm firewall.
However, if they say.. "no I keep everything on my computer, and even though I have backups, I'd rather not have to rebuild if something goes sideways" I recommend F-Secure usually. |
|
|
|
Joined: December 2001 Posts: 10583
Location: NJ | still no luck
any other suggestions? |
|
|
|
Joined: February 2005 Posts: 11840
Location: closely held secret | Al, Here are step-by-step instructions (scroll down) to get rid of it using MalwareBytes Anti-Malware (free version). Just follow the instructions carefully and it does most of the work.
We've had a few incursions of this program and this is the easiest way we've found for most computer users to dispatch it using a trusted program. |
|
|
|
Joined: October 2006 Posts: 5575
Location: big island | malwarebytes was my second option if the method above did not work. since it did, i needed to go no further. hope you get all the bugs out, al. |
|
|
|
Joined: April 2008 Posts: 498
| I just had to do the same removal of Personal Anti virus/PC antispyware from Shannon's computer.
1st I Backed up all her photos/music to a 16gb pen drive just in case... then used Malwarebytes to get rid of the trojan,
I Then installed F-secure trial version...which cleaned up all the nasties completely, and told her to pay for the full version before the expiration date as this was the last time I was rebuilding or restoring a computer for her again.
of course the culprit of the infection as usual was file sharing programs... Limewire and Vuze.
(the following is NOT directed at AL and is just a general statement)
If you're going to download pirated software and or music or even pictures or videos... all of which is pretty much illegal... you'd better expect some easter eggs, viruses, and other hidden surprises in what you've just "got for free" lots of time bombs in those programs/files on the P2P networks... limewire, napster, vuze, sumotorrent, etc.....
Glenn |
|
|
|
Joined: March 2009 Posts: 416
Location: On the Coast - Halfway between SF & OR | Originally posted by Jonmark Stone:
The most effective way to clean it is to remove the drive and install it into another computer as a secondary drive. Then run up to date Antivirus and Spyware programs on the drive to clean it. +1
Worth a try but I've actually given-up even attempting it. I've found that reformatting the drive and re-installing data from back-ups to be less frustrating and the only assured method. |
|
|
|
Joined: December 2001 Posts: 10583
Location: NJ | well
I downloaded the program it seemed to work
then I plugged the cable back in and it rebooted and put that pc spyware 2010 on again.
any other suggestions |
|
|
|
Joined: March 2005 Posts: 5563
Location: Blue Ridge Mountains | Al, this started in Russia and began in 2008...each year it comes back again w/a new updated year...I had it and it took me a while: here are several helps:
http://www.pcworld.com/businesscenter/article/153810/antivirus_2009...
http://fix-computer-problem.com/rogue-antispyware/antivirus2010/ant... |
|
|
|
Joined: April 2004 Posts: 13303
Location: Latitude 39.56819, Longitude -105.080066 | Al, I sent you an email that I think will solve your problems. |
|
|
|
Joined: May 2003 Posts: 4389
Location: Capital District, NY, USA Minor Outlying Islands | I use the CA software provided by road runner. it works. |
|
|
|
Joined: February 2005 Posts: 11840
Location: closely held secret | Al, sorry MBAM didn't work for you.
Did Stephen email you money to buy a new computer? |
|
|
|
Joined: October 2008 Posts: 639
Location: NW of Philadelphia | Al, I didn't expect you to buy it, the manual removal was my main priority. Sorry for the confusion. |
|
|
|
Joined: December 2001 Posts: 10583
Location: NJ | I am still in virus hell
please don't send me to sites that give me a scanner then you have to pay for removal. I think they are made by the same people that wrote the virus |
|
|
|
Joined: December 2001 Posts: 10583
Location: NJ | still in virus hell |
|
|
|
Joined: September 2006 Posts: 10777
Location: Keepin' It Weird in Portland, OR | Originally posted by alpep:
somehow I got this damn PC antispyware 2010 to infect my computer Hey Al... (First, My Condolences) Is this some kind of freeware that you downloaded?
Is it one of them "Your computer has 235 viruses, click here for to remove them" pop-ups?
I just was curious, so I don't go to whichever neighborhood you caught this in...
(And yes, the virus-removal software is made by the same folks who made the virus. :mad: ) |
|
|
|
Joined: April 2004 Posts: 13303
Location: Latitude 39.56819, Longitude -105.080066 | This may be simple but it is often overlooked.
Have you turned off your "restore points" so that they are all erased? A lot of viruses like to hide in there and when the computer is rebooted they get restored.
Turn off restore and let the computer delete all the restore points, clean for virus, reboot system and see if it is clean.
Also, the site I sent you to is cheap protection and works extremely well. I have it on all 5 family member computers. Peace of mind without aggravation is worth more than $50 IMHO. |
|
|
|
Joined: December 2001 Posts: 7224
Location: The Great Pacific Northwest | Here is a link to F-secure's easy clean.
http://www.f-secure.com/en_EMEA/security/security-center/easy-clean...
I have not used it, but I trust F-secure. I believe it is totally free to clean a system. If it cleans it... then buy f-secure and not worry anymore.
If it doesn't clean it... format the drive. |
|
|
|
Joined: December 2001 Posts: 10583
Location: NJ | it found the malware but did not clean it |
|
|
|
Joined: February 2005 Posts: 11840
Location: closely held secret | Al, I'm sorry to say you'll probably just have to bite the bullet and reinstall XP. Make sure you save only what is absolutely necessary to a different drive, reformat the boot drive before installation, and scan the saved data before moving it back post-installation.
And PLEASE get something besides Norton. It sucks. BitDefender is only $25 and one of the highest rated. Or F-Secure ($60). Anything but Norton.
Sorry, I know you didn't want to hear that. Pretend... Moody told you. |
|
|
|
Joined: August 2006 Posts: 3145
Location: Marlton, NJ | I would go with Wabbit's suggestion - except that I would install XP on a new hard drive and keep the old one as a data drive.
Al - I know this is grueling, but you can't help but laugh at the number of suggestions you've gotten between here and facebook for different antivirus/spyware programs and each person claiming it's the best! It's got to be north of 10 different programs. |
|
|
|
Joined: February 2005 Posts: 11840
Location: closely held secret | Mike, I would agree with you on the hard drive, but I don't know Al's financial/hardware situation.
I won't claim to know which A/V is the best, but I read a lot of the technical reviews. BitDefender, F-Secure and Eset-NOD32 are consistently rated in the top ten for performance, small footprint and timely updates.
I do know from personal experience that Norton misses many, many things that do not get past even the free ones like Avast or AVGFree. |
|
|
|
Joined: December 2006 Posts: 6268
Location: Florida Central Gulf Coast | I've held off in presenting my suggestion to see if the thoughtful help here would work.
Locally we have 'Digital Doctors' which straightened out my buddy's infected 'puter. We had tried all types of suggestions for many hours to no avail.
I can't recall the cost but my bud was tickled and wished he had gone there first!
I had them evaluate my old laptop (no charge). The LT power supply was DOA but they pulled the HD and put it in a USB adapter (less than $30).
Later this year I plan on a newer LT and will have them do the 'transfer'.
Al, if you decide to have a professional check it out, DO NOT use the 'Geek Squad'! |
|
|
|
Joined: December 2003 Posts: 1889
Location: Central Massachusetts | Originally posted by CrimsonLake:
I would go with Wabbit's suggestion - except that I would install XP on a new hard drive and keep the old one as a data drive.
I wouldn't keep the old drive around as a data drive, you'd just be asking for trouble, as it's clearly polluted. Back up what you must and start over, or take it to a pro. |
|
|
|
Joined: February 2005 Posts: 11840
Location: closely held secret | It would be fine if full-formatted. |
|
|
|
Joined: August 2006 Posts: 3145
Location: Marlton, NJ | Originally posted by dvd:
Originally posted by CrimsonLake:
I would go with Wabbit's suggestion - except that I would install XP on a new hard drive and keep the old one as a data drive.
I wouldn't keep the old drive around as a data drive, you'd just be asking for trouble, as it's clearly polluted. Back up what you must and start over, or take it to a pro. David - I was actually going to say that - back up what you need and reformat the drive - then use it. Really... I was! |
|
|
|
Joined: November 2006 Posts: 2241
Location: Simpsonville, SC | Al, try downloading the free version of Malwarebytes, from www.malwarebytes.com
Download, run the setup, update and then scan.
PM if you need help.
Thank the Russian mafia for this virus, regardless of your AV protection it gets through anyway.
Jim |
|
|
|
Joined: February 2005 Posts: 11840
Location: closely held secret | Beggin, see post #13 on page 1... |
|
|
|
Joined: March 2009 Posts: 416
Location: On the Coast - Halfway between SF & OR | Originally posted by alpep:
I am still in virus hell Al - How is the struggle going? |
|
|
|
Joined: December 2001 Posts: 10583
Location: NJ | tomorrow I will either
a: format my drive tomorrow and start from the beginning
b go surf fishing |
|
|
|
Joined: February 2005 Posts: 11840
Location: closely held secret | Start your drive formatting.
Go surf fishing.
Come home & finish up. |
|
|
|
Joined: November 2006 Posts: 2241
Location: Simpsonville, SC | Originally posted by The Wabbit Formerly Known As Waskel:
Beggin, see post #13 on page 1... My bad!
Sometimes it is so badly infected that MWB can't even get it. |
|
|
|
Joined: May 2008 Posts: 4996
Location: Phoenix AZ | Al, relax it's just that your computer is pissed off at you because of your recent purchase ... |
|
|
|
Joined: January 2006 Posts: 1120
Location: NW Washington State | Here's my free advice, worth what you paid for it...
You might get better results if you boot from a Linux-based rescue CD. If you're running Windows, the malware can still be in control when you try to scan and remove it. I tried three today to see how they behaved.
Kaspersky- ran fine on my system. Malware database is from 5/09. Download the ISO and burn it to a CD. http://dnl-eu10.kaspersky-labs.com/devbuilds/RescueDisk/
AntiVir- scanned OK on my system, but I couldn't get into the clean/disinfect menu options- my newer laptop often has problems like this with Linux boot disks. Supposedly has frequent updates to its database. I think this was the one that had its own CD burning software built in. http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html
F-Secure- the ISO file needed for burning a CD is inside a ZIP file. The database on this one is older. I didn't succeed in updating it, even with a wired network connection. Ran slowly on my system. http://www.f-secure.com/en_EMEA/security/security-lab/tools-and-ser...
Hope this helps! I can mail you these CDs if you can wait that long.
-Steve W. |
|
|
|
Joined: August 2006 Posts: 3145
Location: Marlton, NJ | Just got back from my next door neighbor and he has something similar... it's nasty! It doesn't let you do anything - no TaskMgr, no RegEdit, won't let you boot into safe mode, locks out changing the display and so on and so on...
Steve - I'll try one of the rescue CDs on his tomorrow. |
|
|
|
Joined: October 2006 Posts: 5575
Location: big island | mike,
can you click "Run" and then type in "msconfig" and enter the start-up tab? if you can get there and then can identify the file that boots up with that trojan you should be able to uncheck it and then reboot. in my case here, the file was pav.exe (which is "personal antivirus") the file name may be different but it is worth trying. once it is disabled at the start-up another program like malwarebytes or spybot should be able to find and destroy it. i don't usually use spybot but i downloaded and used it very successfully to kill the "personal antivirus" trojan. before i unchecked the pav.exe file in the start-up, it would not allow me to download spybot.
then again, maybe this new jersey strain is more vicious than others! |
|
|
|
Joined: June 2009 Posts: 67
Location: Texas | Al, this is the only "FREE" scan I run, http://onecare.live.com/site/en-us/article/slowpc.htm I doubt it will get rid of your virus, but it might, worth a try since it's free. I got something similar a few months back, took me all day to figure out how to get rid of it
good luck |
|
|
|
Joined: February 2008 Posts: 747
| A few people I know have/had it and they're saying reformat is the best solution. |
|
|
|
Joined: June 2009 Posts: 67
Location: Texas | http://askville.amazon.com/remove-PC-Antispyware-2010/AnswerViewer....
Al copy and paste ..............good luck |
|
|
|
Joined: March 2009 Posts: 416
Location: On the Coast - Halfway between SF & OR | Originally posted by alpep:
tomorrow I will either
a: format my drive tomorrow and start from the beginning
b go surf fishing Did you get the drive reformatted?
Did you catch any fish? |
|
|
|
Joined: October 2006 Posts: 5575
Location: big island | mesuspects reformatting should be the last resort but it certainly should do the job. then steer clear of wherever you suspect it could have come from. |
|
|
|
Joined: August 2006 Posts: 3145
Location: Marlton, NJ | Originally posted by lanaki:
mike,
can you click "Run" and then type in "msconfig" and enter the start-up tab? if you can get there and then can identify the file that boots up with that trojan you should be able to uncheck it and then reboot. in my case here, the file was pav.exe (which is "personal antivirus") the file name may be different but it is worth trying. once it is disabled at the start-up another program like malwarebytes or spybot should be able to find and destroy it. i don't usually use spybot but i downloaded and used it very successfully to kill the "personal antivirus" trojan. before i unchecked the pav.exe file in the start-up, it would not allow me to download spybot.
then again, maybe this new jersey strain is more vicious than others! Randy - that was the very first thing I did... they just kept coming back after rebooting. |
|
|
|
Joined: October 2006 Posts: 5575
Location: big island | al has apparently tried this method with no results. |
|
|
|
Joined: October 2006 Posts: 5575
Location: big island | mike,
how many instances of suspicious start-up files did you uncheck? there may be more than one listed. also you may see start-up files that are blank in the startup and command lines. these should be unchecked. |
|
|
|
Joined: March 2009 Posts: 416
Location: On the Coast - Halfway between SF & OR | Guys, reformatting is no big deal.
Wipe the drive, re-install your OS (or a newer version), re-install your applications, test everything, then reload your personal files from your back-ups.
Believe me it's faster and a lot less frustrating. |
|
|
|
Joined: October 2006 Posts: 5575
Location: big island | all depends on what you've got installed. a reformat and re-install of all my applications and their updates has taken up to a day and a half in the past. i now run nearly all my apps/music and video files and backups on external drives. |
|
|
|
Joined: August 2006 Posts: 3145
Location: Marlton, NJ | Originally posted by lanaki:
mike,
how many instances of suspicious start-up files did you uncheck? there may be more than one listed. also you may see start-up files that are blank in the startup and command lines. these should be unchecked. Randy - I basically unchecked everything. |
|
|
|
Joined: October 2006 Posts: 5575
Location: big island | it's gotta be the jersey strain! can you identify which trojan program it is? |
|
|
|
Joined: March 2009 Posts: 416
Location: On the Coast - Halfway between SF & OR | Originally posted by lanaki:
all depends on what you've got installed. a reformat and re-install of all my applications and their updates has taken up to a day and a half in the past. i now run nearly all my apps/music and video files and backups on external drives. Holy Crap!! A day and a half?
How many applications do you run on that machine? |
|
|
|
Joined: February 2005 Posts: 11840
Location: closely held secret | Too many, apparently. |
|
|
|
Joined: August 2006 Posts: 3145
Location: Marlton, NJ | Originally posted by CrimsonLake:
Originally posted by lanaki:
mike,
how many instances of suspicious start-up files did you uncheck? there may be more than one listed. also you may see start-up files that are blank in the startup and command lines. these should be unchecked. Randy - I basically unchecked everything. I didn't see anything that identifies the strain, but it's behaving exactly as described - takes over IE, doesn't let you do anything related to virus/spyware checking... all of the usual nonsense.
I went to the dos window and deleted a bunch of suspicious crap, but some of it was in use and it wouldn't let me delete it. I've been doing this for a long time and this is the first time I haven't been able to make any headway with one of these things. |
|
|
|
Joined: October 2006 Posts: 5575
Location: big island | mike,
does any of the listed trojan "antivirus" programs show up in the start menu from the desktop? |
|
|
|
Joined: October 2006 Posts: 5575
Location: big island | Originally posted by fletcher:
Originally posted by lanaki:
all depends on what you've got installed. a reformat and re-install of all my applications and their updates has taken up to a day and a half in the past. i now run nearly all my apps/music and video files and backups on external drives. Holy Crap!! A day and a half?
How many applications do you run on that machine? s'pose i should've mentioned problems with validation on the OEM XP Pro disk and hassling with microsoft over it. that was the half day. |
|
|
|
Joined: February 2005 Posts: 1132
Location: Parrish, FL | After you have made adjustments to the registry, go to Control Panel; System; System Restore; and check the box at the top that says:
Turn Off System Restore
Now reboot your computer and run your anti-virus again. Let it do its thing and re-boot once again. After start-up go back and UNCHECK the box under System Restore. This must be done!
This should keep your computer from re-infecting itself on reboot after you think you have eliminated the virus.
I hope that I have described this right. Hopefully someone who is more familiar with this process will chime in and clarify. I had the 2009 version of this Trojan on my daughter’s computer and had the same re-infection issues. Some research on the net provided this process and it worked like a charm.
Blues |
|
|
|
Joined: December 2001 Posts: 10583
Location: NJ | still trying NOT to reformat
caught 3 sand sharks |
|
|
|
Joined: March 2009 Posts: 416
Location: On the Coast - Halfway between SF & OR | Originally posted by alpep:
still trying NOT to reformat
caught 3 sand sharks No sand sharks in my area of the coast; is catching 3 of them a good thing? |
|
|
|
Joined: December 2001 Posts: 10583
Location: NJ | catching any fish is a good thing
a bad day at fishing beats a good day messing with viruses on your computer |
|
|
|
Joined: March 2009 Posts: 416
Location: On the Coast - Halfway between SF & OR | Originally posted by alpep:
catching any fish is a good thing
a bad day at fishing beats a good day messing with viruses on your computer AGREED!! |
|
|