We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Infected computer! Please help!
Options
jamtart6
Posts: 8,302 Forumite
in Techie Stuff
Think my PC has a virus - it is a "fake" antivirus telling me I've been infected, but it doesnt look like my usual antivirus - it is askingh if i want to block the attack - to get the pop ups to go away, anywhere i click sends me to a dodgy site.
ive started running an AVG scan - but it clearly isnt good enough to protect my computer in the first place.
1. how can i get rid of the virus?
2. what free antivirus is better than avg?
thanks in advance :A
ive started running an AVG scan - but it clearly isnt good enough to protect my computer in the first place.
1. how can i get rid of the virus?
2. what free antivirus is better than avg?
thanks in advance :A
:ABeing Thrifty Gifty again this year:A
0
Comments
-
Download MALWAREBYTES (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_malwarebytes_anti_malware/
Open malwarebytes and goto UPDATE and click 'check for updates'. After its updated goto SCANNER and click PERFORM QUICK SCAN then click SCAN
Remove everything thats found (needs to be ticked)
Post the COMPLETE log here AFTER youve deleted everything it finds
If anything was found then do the exact same but run a FULL scan
reboot
Download HIJACK THIS
http://download.cnet.com/3001-8022_4-10227353.html?spi=f323e4ed53a8a1b6c63e66c4b678a8f6
(It auto downloads, do NOT click to download anything off the page)
Click MAIN MENU then DO A SYSTEM SCAN AND SAVE A LOGFILE(Takes seconds) then post the log so we can see whats running
(do NOT do anything else with Hijack but scan and post the FULL log)
If you get a message that you cant write to the hosts file then Press the SHIFT key, and whilst holding it RIGHT CLICK and select RUN AS (admin):idea:0 -
Does this guide help?
http://www.bleepingcomputer.com/virus-removal/remove-my-security-shield
Never trust information given by strangers on internet forums0 -
i have downloaded malwarebytes but it won't double click to run. eek!
:ABeing Thrifty Gifty again this year:A
0 -
Reboot and keep pressing F8 to get into SAFE MODE WITH NETWORKING
Install it from there
if it still wont play ball then run FixExe.reg (to allow malwarebytes etc to run). After clicking YES it will be fixed (Nothing will visually happen)
http://download.bleepingcomputer.com/reg/antivirus-vista-2010/FixExe.reg:idea:0 -
spannerzone wrote: »Does this guide help?
http://www.bleepingcomputer.com/virus-removal/remove-my-security-shield
Or this one?
http://www.bleepingcomputer.com/virus-removal/remove-security-tool
Just running it on someones pc now.
He swears he was just looking at the football results last evening.
Move along, nothing to see.0 -
i was just watching the vampire diaries and that is the gods honest truth!!!!
:ABeing Thrifty Gifty again this year:A
0 -
Bloody vampires... :rotfl:0
-
Avira would be a much better choice than AVG, remember when you uninstall AVG to also download the AVG remover as the uninstall is not 100%Survey earnings total 2009 £417, 2010 £875, 2011 £5740
-
I don't think antivirus progs pick this up - they certainly can't sort it. My firewall alerting me that something is trying to make changes is sometimes the 1st sign of it. Malwarebytes and then combofix have not failed me yet when dealing with it.0
-
Bloody vampires indeed!!!
After the quick scan:
Malwarebytes' Anti-Malware 1.50.1.1100
https://www.malwarebytes.org
Database version: 5408
Windows 6.0.6000 (Safe Mode)
Internet Explorer 7.0.6000.17037
28/12/2010 19:03:39
mbam-log-2010-12-28 (19-03-39).txt
Scan type: Quick scan
Objects scanned: 184941
Time elapsed: 4 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nscbnkhk (Trojan.Dropper) -> Value: nscbnkhk -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\kate\AppData\Local\Temp\geroktfme\sbdtaeolajb.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\kate\AppData\Local\Temp\00395667.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
Just about to do a full scan thanks for your help! viagra.com has been popping up all day thanks to the bloody virus!
:ABeing Thrifty Gifty again this year:A
0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.8K Banking & Borrowing
- 253K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.8K Work, Benefits & Business
- 598.7K Mortgages, Homes & Bills
- 176.8K Life & Family
- 257.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards