Help me, I got a virus attack

[amethyst08]

Hi, all, this is kira,

I don't want to login from my kira account because the password is the same with an important account.

I got a computer virus attack, and I cannot do anything to remove it. I can't even take a screenshot of my computer, because I cannot run "paint" to paste my screenshot.

I have taken photos with my camera, will upload later (if I can)

Right now what I have in my screen are:

2 b continued

 

[amethyst08]

The first dialog box that don't want to go from my screen eventhough I already pressed CTRL-ALT-DEL:

"Security Warning

Application cannot be executed. The file autorun.exe is infected.
Do you want to activate your antivirus software now?"

 

[amethyst08]

That appears after I tried to remove the virus by using my computer recovery CD and clicked the autorun.

Before I put recovery CD, the same dialog box appears too many times, and still appears on the bottom of my sceen, only the files that are infected are different

 

[amethyst08]

When I clicked "No" (don't want to activate the antivirus), the dialog box keep popping, but when I clicked, yes, it takes me to this page:

http://profantivir.net/purchase?pgid=2&r=75.3

(AV Security Suite page) and it told me to purchase. I don't know if that site is fake or not, but I already have McAfee on my computer, why I should buy new?

 

[amethyst08]

I figured that soon enough I will not be able to run my compute, so before it's too late, on the other dialog box there is a saying like this:

2 b continued

 

[amethyst08]

it says:

"INFILTRATION ALERT

Your computer is being attacked by an internet virus. It could be a password-stealing attack, a trojan - dropper or similar.

Attack from: 189.107.66.146, port 54239
Attacked port: 42604
Threat: BankerFox.A

Do you want block this attack?"

And it again told me to go to this site:

http://profantivir.net/purchase?pgid=2&r=75.3

to pay some money, I don't want, because it means I have to give my account number or credit card number to a site that I cannot trust, right?

I cannot run my windows recovery CD, what can I do???

 

[amethyst08]

I will try to upload the photos, I don't know if my explorer will work or not

 

[amethyst08]

p.s.: fortunately I always back up my data regularly, so I have no problems if I have to lose everything on my PC now. I just want the virus gone. If somebody knows what to do, pls let me know step by step.

Thanks,
~kira

 

[amethyst08]

Btw, after I got this dialog box:


"Security Warning

Application cannot be executed. The file autorun.exe is infected.
Do you want to activate your antivirus software now?"

Does it mean that my recovery CD also damaged now??

 

[amethyst08]

p.s.: before I got this virus infection, my friend used my PC to watch football live streaming, I wasn't at home. But I don't know if a football live streaming program can damage my computer. When the friend left it, it hasn't been affected yet. I then only accessed my email, facebook, and check some news (BBC, an a usual Indonesian news portal detik.com). Virus attack has been going on for past 30-60 minutes

 

[amethyst08]

:bawl:

 

[soullust]

log into safe mode, with networking.

download superantispyware.com, run the program in safe mode.

B4 you start it's scan though, open task manager go to processes , and disable explorer.exe, after scan has ran and you fixed issues. reset system boot in normal mode, if problem still there I will try to talk you through some more steps.

We might as well start here.

 

[amethyst08]

log into safe mode, with networking.

download superantispyware.com, run the program in safe mode.

B4 you start it's scan though, open task manager go to processes , and disable explorer.exe, after scan has ran and you fixed issues. reset system boot in normal mode, if problem still there I will try to talk you through some more steps.

We might as well start here.

Thanks for a reply :bawl:

How to "log into safe mode, with networking"??

I really have no idea. Btw, my computer is windows vista, if it helps.. And now my screen is like this:

(it's blur because I have to remove the blitz)

Ok... let's not be panic... uffhhh...

 

[cosmictraveler]

Get to your restore button and hit it to restore to an earlier date like about 3 to 6 days ago. Then you shouldn't have the virus any longer because it wasn't there back then.

 

[soullust]

oh, as for the windows update error, check to make sure your background intelligence transfer services is set to run, you get to the services page by clicking the "Orb" (start menu), then right click on "Computer" select manage, and then select services and applications.

 

[amethyst08]

log into safe mode, with networking.

download superantispyware.com, run the program in safe mode.

B4 you start it's scan though, open task manager go to processes , and disable explorer.exe, after scan has ran and you fixed issues. reset system boot in normal mode, if problem still there I will try to talk you through some more steps.

We might as well start here.

The part that I don't understand how to do is in the blue bold..

 

[cosmictraveler]

The part that I don't understand how to do is in the blue bold..

Try my suggestion.

 

[amethyst08]

oh, as for the windows update error, check to make sure your background intelligence transfer services is set to run, you get to the services page by clicking the "Orb" (start menu), then right click on "Computer" select manage, and then select services and applications.

I have already written it down, I should do it after I log into safe mode later, yes...? (which I don't know how)

Get to your restore button and hit it to restore to an earlier date like about 3 to 6 days ago. Then you shouldn't have the virus any longer because it wasn't there back then.

Where do I find the "restore button"??

I am sorry, pls be patient with me, I am very bad in it, and now here in Germany is 2:30 AM, so I can't ask any of my friends or neighbours to come over..

btw thanx

 

[Psigknosis]

Hopefully this link may help too in order to rid yourself of BankerFox.A

Sigh..unable to post a link yet but Google BankerFox.A and there's plenty of help to remove it...good luck!

 

[soullust]

Get to your restore button and hit it to restore to an earlier date like about 3 to 6 days ago. Then you shouldn't have the virus any longer because it wasn't there back then.

It could be a root worm, but yes you can try that, if you care not too loose anything saved in that time.

But if you do do that Id recommend disabling the system restore then restarting it after if everything works fine. The Virus will still be in the system restore and your anti-virus scans might drive you nuts with a false positive.

as for the safe mode, restart your system and continuously tap f-8 about every second or so it should give you an option menu with it in there.