We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Beware of malicious software "WinPC Antivirus"
Comments
-
I've just had a pop up from zone alarm saying 'the firewall has blocked internet access to your computer (TCP port 20865) from 61.231.240.177 (TCP Port 40716) (TCP Flags: S)
Haven't had this one before I don't think.I'm way out of my depth now
He who smiles rather than rages is always
the stronger0 -
Geordie ~
1st up ~ do you have access to another computer? (To be able to burn files to disc or pur on a usb stick or whatever)
Anyways ~
Reboot and keep pressing F8 until the SAFE MODE SELECTION SCREEN pops up
select SAFE MODE WITH NETWORKING
Download MALWAREBYTES (Make sure you click 'DOWNLOAD NOW')
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html
UPDATE and FULL SCAN
Post the log here AFTER youve deleted everything it finds
Download and run LSPFIX
Download COMBOFIX (We may run this later)
Download HIJACK THIS (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_hijackthis/
REBOOT (Must be run in NORMAL mode)
Click DO A SCAN AND SAVE A LOGFILE (Takes seconds) then post the log so we can see whats running
(do NOT do anything else with Hijack but scan and post the FULL log):idea:0 -
Hi Rik,yes I am using another computer for MSE. I have selected 'safe mode with networking'
but it won't let me access the internet,says,cannot display the web page?He who smiles rather than rages is always
the stronger0 -
unusual that
I wonder if zonealarm is stopping it
Anyways ~ download all the programs to the CLEAN computer. Then go into safe mode on the INFECTED computer and install malwarebytes and run it. Run LSP fix. Reboot and go into NORMAL mode and run hijack (Upto you how you transfer the files, burn to disc or whatever):idea:0 -
Thanks,I ran 'diagnose connection problems' and it says 'windows has detected a problem with the Winsock provider caralog on this computer.Would you like Windows to reset the catalog to the default configuration' should I try that first?'He who smiles rather than rages is always
the stronger0 -
yes ~ go for it:idea:0
-
Okay,I have put malwarebytes onto infected computer again using usb but it still won't let me open it..aaarrrggghhhhhHe who smiles rather than rages is always
the stronger0 -
In safe mode?
Run hijack in normal mode then:idea:0 -
Son told me that his computer is infected as well so I have three of the flipping things going at the moment.
All of them froze at the same time and it tok me ages to get them back on.Have managed to scan with AVG in safe mode the two knackered ones and it's showing virus as Win 32/Cryptor.I'm just waiting for the scan to finish then going to try the other stuff again.
I'm concerned that it has got into my router,I don't want to knack this one I'm using now as it's my friends!!!!!!!He who smiles rather than rages is always
the stronger0 -
You cant infect the router
AVG isnt the greatest anti virus software either but at least you got it running:idea:0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.1K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.2K Spending & Discounts
- 245.1K Work, Benefits & Business
- 600.7K Mortgages, Homes & Bills
- 177.5K Life & Family
- 258.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards