Help me, I got a virus attack

[Repo Man]

The part that I don't understand how to do is in the blue bold..

When you turn your computer on, begin tapping the F8 key. This will cause it to display your boot options, and one of those is safe mode with networking.

Your computer is infested with one of the latest versions of Winantivirus Pro. This malware actually has the audacity to charge people for the privilege of having their computer disabled. How to remove AV Security Suite.

 

[amethyst08]

Ok, thanx, I will firstly restart and press the F8 key

 

[soullust]

I have already written it down, I should do it after I log into safe mode later, yes...? (which I don't know how)



Where do I find the "restore button"??

I am sorry, pls be patient with me, I am very bad in it, and now here in Germany is 2:30 AM, so I can't ask any of my friends or neighbors to come over..

BTW thanks

To access all your SYSTEM TOOLS, just open a task manager and select new task under the tasks tab, then type in msconfig.

it should open your system configuration utility, after that the last tab there in the Utility should be tools it will list any operating system tool you have, all you do is just double click on which ever one you want, or need

 

[amethyst08]

My screen is now very ugly, all big buttons and fonts, but the annoying dialog boxes are gone, thanx God.

This is in safe mode..

 

[amethyst08]

So, do I have to do all these steps altogether? I am a bit confused.

I now firstly have to download superantispyware.com, yes?

log into safe mode, with networking.

download superantispyware.com, run the program in safe mode.

B4 you start it's scan though, open task manager go to processes , and disable explorer.exe, after scan has ran and you fixed issues. reset system boot in normal mode, if problem still there I will try to talk you through some more steps.

We might as well start here.

Get to your restore button and hit it to restore to an earlier date like about 3 to 6 days ago. Then you shouldn't have the virus any longer because it wasn't there back then.

oh, as for the windows update error, check to make sure your background intelligence transfer services is set to run, you get to the services page by clicking the "Orb" (start menu), then right click on "Computer" select manage, and then select services and applications.

Hopefully this link may help too in order to rid yourself of BankerFox.A

Sigh..unable to post a link yet but Google BankerFox.A and there's plenty of help to remove it...good luck!

It could be a root worm, but yes you can try that, if you care not too loose anything saved in that time.

But if you do do that Id recommend disabling the system restore then restarting it after if everything works fine. The Virus will still be in the system restore and your anti-virus scans might drive you nuts with a false positive.

as for the safe mode, restart your system and continuously tap f-8 about every second or so it should give you an option menu with it in there.

When you turn your computer on, begin tapping the F8 key. This will cause it to display your boot options, and one of those is safe mode with networking.

Your computer is infested with one of the latest versions of Winantivirus Pro. This malware actually has the audacity to charge people for the privilege of having their computer disabled. How to remove AV Security Suite.

 

[soullust]

My screen is now very ugly, all big buttons and fonts, but the annoying dialog boxes are gone, thanks God.

This is in safe mode..

yes, your screen is annoyingly large because your display driver is disabled.

Now go to www.superantispyware.com and download free program, works great, then run the scan, then just restart system to see if your problem left.

in normal windows not safe mode.

we will try the restore last step, run the Free program i gave you first.

 

[amethyst08]

yes, your screen is annoyingly large because your display driver is disabled.

Now go to www.superantispyware.com and download free program, works great, then run the scan, then just restart system to see if your problem left.

in normal windows not safe mode.

Ok, I will try this, thanks!

 

[soullust]

good stuff will be here, make sure you select the free version of the software, it works fine.

 

[amethyst08]

yes, your screen is annoyingly large because your display driver is disabled.

Now go to www.superantispyware.com and download free program, works great, then run the scan, then just restart system to see if your problem left.

in normal windows not safe mode.

we will try the restore last step, run the Free program i gave you first.

I have finished downloading it, I haven't run the scan yet. Last time you said before I run the scan I have to firstly disable explorer.exe in Task Manager --> processes, do I have to do that first now?

 

[soullust]

I have finished downloading it, I haven't run the scan yet. Last time you said before I run the scan I have to firstly disable explorer.exe in Task Manager --> processes, do I have to do that first now?

it wouldn't hurt.

Make sure to open the scan and first, let it update.

then disable explorer.exe with the scan open, if you do it the other way, (disabling explorer.exe first). It can be a headach finding the scan

 

[domesticated om]

LOL --- I've had to remove this from numerous computers. People keep clicking on the message box instead of killing the browser process via task manager.


firefox + noscript = no more fake AV browser-jacking

 

[soullust]

LOL --- I've had to remove this from numerous computers. People keep clicking on the message box instead of killing the browser process via task manager.


firefox + noscript = no more fake AV browser-jacking

Thats just a patch though, it is still on your system,

 

[Repo Man]

Thats just a patch though, it is still on your system,

No, that's a very sure method of preventing infection. But I've found NoScript disables too many sites to be a viable option for the people who really need to run it, so it isn't as helpful as it could be. But FF with Ad Block Plus and NoScript is probably as safe as you can be without running some form of Linux.

 

[amethyst08]

it wouldn't hurt.

Make sure to open the scan and first, let it update.

then disable explorer.exe with the scan open, if you do it the other way, (disabling explorer.exe first). It can be a headach finding the scan

It is now asks me, which one to scan:
- C:\-Fixed Drive (NTFS)
- D:\-Removable
- E:\-Removable
- F:\-CD-ROM

And:
* Perform Quick Scan
* Perform Complete Scan
* Perform Custom Scan

By default, it selects C:\ and * Perform Quick Scan

Whether I should change the default, or proceed?

 

[amethyst08]

No, that's a very sure method of preventing infection. But I've found NoScript disables too many sites to be a viable option for the people who really need to run it, so it isn't as helpful as it could be. But FF with Ad Block Plus and NoScript is probably as safe as you can be without running some form of Linux.

?? I didn't change anything in my firefox, because I am afraid I'd do something wrong, I just use it like it is...

 

[soullust]

I suppose, I prefer use my windows Internet explorer..start having probs,

tools-INTERNET options-advanced-reset

she may have a back-door Trojan on her system though.

she seems to behaving a few issues, with windows updates etc.

better to be safe then sorry, and hey. I enjoy sharing what I know.

Hell call a tech line, what we taught her here would Probably cost her 100 dollars us...Id rather see people gaining this knowledge for free.

 

[Repo Man]

The quick scan of the C: drive will probably take care of it; you can try a full scan later.

 

[amethyst08]

The quick scan of the C: drive will probably take care of it; you can try a full scan later.

Ok..

 

[amethyst08]

Wow.. it is detecting: adware etc., adware etc., trojan.agent etc., trojan.dropper etc., unclassified etc., rogue, malware, backdoor, adware ... A lot of things.. this is since when ??

I am going to take a photo of it.. omg, 3:30 AM, whether it will take long?

Hey, Soullust... thank you so much *A big hug*

You, too, Repo... thanks everyone, for helping me!

 

[soullust]

Wow.. it is detecting: adware etc., adware etc., trojan.agent etc., trojan.dropper etc., unclassified etc., rogue, malware, backdoor, adware ... A lot of things.. this is since when ??

I am going to take a photo of it.. omg, 3:30 AM, whether it will take long?

Hey, Soullust... thank you so much *A big hug*

You, too, Repo... thanks everyone, for helping me!

No prob hun.

And yeah superantispyware is a beast..