Help me, I got a virus attack

Status
Not open for further replies.
soullust said:
Thats just a patch though, it is still on your system,
Click to expand...

That's not a patch LOL....I mean, unless they've changed the definition of patch.
It eliminates the process from bootup. You can boot to normal runime, and run a normal antivirus/spyare remover to eliminate all the orphaned files.
 
soullust said:
I suppose, I prefer use my windows Internet explorer..start having probs,

tools-INTERNET options-advanced-reset :)

she may have a back-door Trojan on her system though.

she seems to behaving a few issues, with windows updates etc.

better to be safe then sorry, and hey. I enjoy sharing what I know.

Hell call a tech line, what we taught her here would Probably cost her 100 dollars us...Id rather see people gaining this knowledge for free.
Click to expand...

:eek: Where did you learn all these? I really appreciate your help...
 
amethyst08 said:
Wow.. it is detecting: adware etc., adware etc., trojan.agent etc., trojan.dropper etc., unclassified etc., rogue, malware, backdoor, adware ... :eek: A lot of things.. this is since when ??

I am going to take a photo of it.. omg, 3:30 AM, whether it will take long?

Hey, Soullust... thank you so much *A big hug* :)

You, too, Repo...:) thanks everyone, for helping me!
Click to expand...

The initial malware infection holds the door open for much more malware. Until your computer eventually grinds to an almost complete halt from the load.

The people behind some of this are now on the run.

The CEO of a company accused of making more than US$100 million selling harmful "scareware" antivirus products was already a fugitive from US authorities, following his arrest in 2008 on criminal counterfeiting charges.

Advertisement

Shaileshkumar "Sam" Jain is one of three men who were charged by the US Department of Justice on Wednesday for allegedly operating a massive scareware distribution ring.

He's now thought to reside in Ukraine, but arrived there only after giving authorities the slip after being arrested by federal agents in 2008 on charges that his company sold counterfeit versions of Symantec antivirus products. Jain has been considered a fugitive by U.S. authorities since early 2009, when he skipped out on a $250,000 bond and failed to show up for a Jan. 12 California court appearance.

Jain ran a Ukrainian company called Innovative Marketing, which prosecutors say sold an astounding one million copies of fake antivirus products such as WinFixer, Antivirus 2008 and VirusRemover 2008.
Click to expand...
http://www.computerworlduk.com/management/security/cybercrime/news/index.cfm?newsid=20500
 
domesticated om said:
That's not a patch LOL....I mean, unless they've changed the definition of patch.
It eliminates the process from bootup. You can boot to normal runime, and run a normal antivirus/spyare remover to eliminate all the orphaned files.
Click to expand...

I know what your saying.

and yes what you say will "Prevent" her Computer from showing symptoms.

but the core Problem usually is still on the system running, and as repo said it will eventually overrun her system till she has a complete crash, followed by possible Dr Watson errors (Blue screen of death).
 
After I clicked yes, the computer is restarted and now I am in normal mode, whether I am doing it correct?

Now there is no more dialog box saying my computer is infected, but I still cannot take screenshot, right now on my screen there is "AV Security Suite" performing scan...

Oh, now the scanning is finished, and it asks me like this:

33vbt6v.jpg


Whether I have to return to "safe mode"..??
 
amethyst08 said:
After I clicked yes, the computer is restarted and now I am in normal mode, whether I am doing it correct?

Now there is no more dialog box saying my computer is infected, but I still cannot take screenshot, right now on my screen there is "AV Security Suite" performing scan...

Oh, now the scanning is finished, and it asks me like this:

33vbt6v.jpg


Whether I have to return to "safe mode"..??
Click to expand...

Hmm, still there. Go to this link and follow the instructions explicitly.
 
ughhhh, that annoying bug...

it messes with your host files..

do you know how to do a system search ?

if so look for these files,
1. Gav.exe
2. mgrdll.exe
3. Delete the folder GAV

delete them then delete your recycling bin.

restart your system, and yes do this in safe mode, after done you can reboot back in Normal mode.

Oh and what are you using for an anti virus?
 
Repo Man said:
Hmm, still there. Go to this link and follow the instructions explicitly.
Click to expand...

Omg, even the first paragraph is saying like this:

AV Security Suite
is a rogue anti-spyware program from the same family as Antispyware Soft and Antivirus Soft. Once installed, this fake program will display fake security alerts and state that your computer is infected with spyware, adware and other types of malware. Then it will prompt you to pay for a full version of the program to remove the infections and to make your computer more secure. Of course, that's not true, because AV Security Suite is an infection itself and obviously won't protect your computer from malware. Most importantly, don't purchase this bogus program. If you have already purchased it, then you should contact your credit card company and dispute the charges. Finally, please follow the removal instructions below to remove AV Security Suite from your computer as soon as possible either manually or with an automatic removal guide.​

Why do people create this kind of thing, it's no fun :bawl: It is 4 AM, but I am afraid if I shut it down and continue tomorrow, my PC won't wake up again...

Thanx, I will follow the step on that link...
 
soullust said:
ughhhh, that annoying bug...

it messes with your host files..

do you know how to do a system search ?
Click to expand...

No, I don't, could you pls tell me how??

if so look for these files,
1. Gav.exe
2. mgrdll.exe
3. Delete the folder GAV

delete them then delete your recycling bin.

restart your system, and yes do this in safe mode, after done you can reboot back in Normal mode.

Oh and what are you using for an anti virus?
Click to expand...


My anti virus is McAfee, I never installed anything else. This PC, I bought last July, and it has McAfee, and when it expires, I extended it (paying it)..

I will remove the AV sec suite first...
 
Repo Man said:
HM, still there. Go to this link and follow the instructions explicitly.
Click to expand...



she is getting into registry there though, she should make a reg back b4 hand just to be safe.



if she still has issues a hijack this link might give me and repo and who ever a look-see and tell you what to remove.
 
soullust said:
she is getting into registry there though, she should make a reg back b4 hand just to be safe.



if she still has issues a hijack this link might give me and repo and who ever a look-see and tell you what to remove.
Click to expand...

I don't expect her to do it manually. The removal tool recommended and linked in step five should do the trick.
 
OK,

click on the "Orb" (Start Menu)

then in the box where it says start search, type one in and see if they come up, if so right click delete, after that empty rec bin then restart.
 
Status
Not open for further replies.
Back
Top