Can't get rid of a worm!
Forum CPU & Components : CPUs - Can't get rid of a worm!
I was on the internet when my computer said that i had a virus. Then i found out that the virus was spy trooper, a fake anti-spyware remover. I successfully removed that and then my computer was fine. After i restarted my computer, i had more trouble. everything slowed down like hell. i used kaspersky and removed a lot of spyware, adware and some viruses. My computer found 1 virus that it couldn't remove. the name is virus.Worm. VB.an. Kaspersky cannot remove it at all. i need help ASAP.!
| Quote : I was on the internet when my computer said that i had a virus. Then i found out that the virus was spy trooper, a fake anti-spyware remover. I successfully removed that and then my computer was fine. After i restarted my computer, i had more trouble. everything slowed down like hell. i used kaspersky and removed a lot of spyware, adware and some viruses. My computer found 1 virus that it couldn't remove. the name is virus.Worm. VB.an. Kaspersky cannot remove it at all. i need help ASAP.! |
Hope this helps you:
http://www.grisoft.com/doc/112/lng/us/tpl/tpl01
Also, try installing Lavasoft's Ad-Aware. it's the best for removing stubborn spywares and malwares
| Quote : I was on the internet when my computer said that i had a virus. Then i found out that the virus was spy trooper, a fake anti-spyware remover. I successfully removed that and then my computer was fine. After i restarted my computer, i had more trouble. everything slowed down like hell. i used kaspersky and removed a lot of spyware, adware and some viruses. My computer found 1 virus that it couldn't remove. the name is virus.Worm. VB.an. Kaspersky cannot remove it at all. i need help ASAP.! |
Once your system is hosed to that level the only way to fix it is with a clean install.
can't help too much. i am guessing you are going on dubious sites without a proper firewall. may i suggest zonealarm. if you get that it should stop them getting on your comp in the first place.
it can also stop things on your comp from being able to execute and do harm. very useful.
| Quote : I was on the internet when my computer said that i had a virus. Then i found out that the virus was spy trooper, a fake anti-spyware remover. I successfully removed that and then my computer was fine. After i restarted my computer, i had more trouble. everything slowed down like hell. i used kaspersky and removed a lot of spyware, adware and some viruses. My computer found 1 virus that it couldn't remove. the name is virus.Worm. VB.an. Kaspersky cannot remove it at all. i need help ASAP.! |
Try AVG or avast!....
that's what you get for looking at pr0n without a firewall
i fail to see why he would want to use AVG or avast when he is using kaspersky. i have never seen any evidence that they are better only the opposite.
i know you are trying to help but why would he take a step backwards.
another tip is, going for an online encyclopedia like Norton's or McAfee and read instructions of HOW TO REMOVE that virus
always try to run your computer in SAFE MODE with no network
and then run the antivirus, and antispyware
do it around 3 times until no virus is detected
if you're unlucky ( kernel or explorer infection ) you will have to reinstall
| Quote : I was on the internet when my computer said that i had a virus. Then i found out that the virus was spy trooper, a fake anti-spyware remover. I successfully removed that and then my computer was fine. After i restarted my computer, i had more trouble. everything slowed down like hell. i used kaspersky and removed a lot of spyware, adware and some viruses. My computer found 1 virus that it couldn't remove. the name is virus.Worm. VB.an. Kaspersky cannot remove it at all. i need help ASAP.! |
right. you are in the CPU section. go in the software section.
I second the Avast suggestion only for the boot time scanner at start up. I have seen it work where many have failed, in removing cooties at the boot up scan before anything can be loaded. Also if you can get ahold of a retail anti-virus disk that is itself bootable and can scan outside of the OS. Some Symantec products used to do it. Also Knoppix has virus tools amongst others great for repairing outside of the windows environment.
Worms suck! My turtles had worms once! Once!
i tried the ad-aware software but nothing works. Is there any way to delete everything on my computer and start over?
yes format your hard drive. do you have a windows disk?
If you can borrow another hard disk, install your windows there + zonealarm or any antivirus with anti spyware, update it on the internet, then only then you can put your infected hard disk as slave, then you can start cleaning your hard disk. Cleaning virus and spyware must be done on a clean machine to begin with.
what cd are you talking about? i have a dell cd which i got when i ordered the computer?
hmm, just a plain recovery disk. might do. not too keen on that myself but the dell partition hopefully will be virus free. that is if i remember how they do things.
Have you tried booting to safe mode without network, disable System Restore and run your antivirus?
| Quote : I was on the internet when my computer said that i had a virus. Then i found out that the virus was spy trooper, a fake anti-spyware remover. I successfully removed that and then my computer was fine. After i restarted my computer, i had more trouble. everything slowed down like hell. i used kaspersky and removed a lot of spyware, adware and some viruses. My computer found 1 virus that it couldn't remove. the name is virus.Worm. VB.an. Kaspersky cannot remove it at all. i need help ASAP.! |
Well I think this is on the CPU section because you need help ASAP!. Why weren't u using NOD32?
Did you try ad-aware? spybot search and destroy?
If after this you don't solve nothing, reinstall windows, is the best you can do.
It doesn't look like your installation of windows is going to see clear skies again, you're going to have to reinstall windows.
You should have received a disc with your Dell that is labelled 'Recovery Disc'. When you run this disc it will wipe absolutely everything on your hard-drive and put the normal dell build on, this means your PC will have all the same stuff on it that it did when you first got it.
If you have files that you simply must keep, boot into safe mode by repeatedly hitting F8 while your computer is starting and select safe mode. Then once you are in copy the files you need onto some kind of removable storage.
Put the recovery CD in and restart the computer, you should get prompted to 'press any key to boot off CD', the any key is usually hidden under your keyboard and is green with a leprechaun on it. Once you have booted off the cd the rest of the build should be automatic.
Once the machine's rebuilt do a virus scan on the files you saved before restoring them. Make sure next time you install a good Virus scanner and Firewall and possibly get Lavasoft's Ad-Aware SE Personal and Spybot S&D (both are free).
i was joking about the green leprechaun button
| Quote : It doesn't look like your installation of windows is going to see clear skies again, you're going to have to reinstall windows. |
| Quote : 'press any key to boot off CD', the any key is usually hidden under your keyboard and is green with a leprechaun on it. |
You idiots who just say to reformat instead of giving the person some help go to the Disney forums or something cause you aren't useful here. Just cause you are too dumb to try to figure out a Virus or Trojan issue doesn't mean the poster here is.
He is asking for help and ideas to save his data and current OS setup. I know it sucks cause I have had it happen before. It was long ago and I wasn't part of a forum so I lost everything that wasn't backed up.
Now there are so many tools you can download with step by step instructions to remove them.
So please don't spread your laziness or ignorance here.
Thank you.
__________________________________________
Prevention Programs:
SpyBlaster - will prevent spyware from being installed.
Spywareguard - offers realtime protection from spyware installation attempts.
Spyware/Adware - Detection and Removal Programs:
Ad aware - If you suspect that you have spyware installed on your computer, try Ad-Aware SE
Spybot S&D - If you suspect that you have spyware installed on your computer, try Spybot S&D
Free Online Virus scanners:
BitDefender
Panda
hope some of these help
Hmmm, Ok?
But there is always something called Dear Google to save your life
i again recommend zonealarm.. i have the security suite and it keeps me safe as far as i can tell. for his circumstance i would think a byte level virus scan should clear it up. never had to try it myself, it would probably take a while to complete.
| Quote : You idiots who just say to reformat instead of giving the person some help go to the Disney forums or something cause you aren't useful here. Just cause you are too dumb to try to figure out a Virus or Trojan issue doesn't mean the poster here is. |
Shut-up before i show you my Pimp hand, not everyone has the time to run fifty fkn programs it's just easier to reformat sometimes and we didn't say reformat was the only option. stop trying to be a hero.
5 stars to that
The best offense is a good defense with PC's. Once you get a serious virus you're either going to waste a heap of productive time (something valuable to me) removing it or you'll spend a heap of productive time finding out that it's not going anywhere.
Get a good virus scanner and firewall, run detection programs regularly, use an alternate web browser, and be careful what sites you visit. This should reduce your chances of getting in the sh.t.
If you do get a virus, as slim said, google it and find out how serious it is and act on that.
If it is a spyware that you have, google it and see how people got rid of it. That's how I got rid of a stupid spyware that got into my system.
Forums will not always be the best way to get a solution for your problem.
| Quote : You idiots who just say to reformat instead of giving the person some help go to the Disney forums or something cause you aren't useful here. |
I had one of those types of worms once, it was darned near impossible to remove. I actually had to download some tools to do it, some of the tools listed as hazards by my virus scanner. The tools were needed to remove some protected files that most programs can't even see, that were modified by the worm, and rewrite the registry on a fairly massive scale. Windows restore points were even corrupt. Eventually I got the system clean, but could never roll back again. Once the system was working somewhat normally, AVG removed the affected restore points, etc.
And other than not being able to roll back, the system worked normally for several months. But it wasn't worth the effort. Better would have been to save my files to a removable disk, wipe the drive, reinstall everything including antivirus, and scan the saved files to remove contaminants before restoring them.
Once your hard drive is completely "hosed" you can't completely "go back" to the way things were. When this is the case, formatting is the better option.
| Quote : Once your hard drive is completely "hosed" you can't completely "go back" to the way things were. When this is the case, formatting is the better option. |
Hey if it is toast beyond toast, then possibly yes, a reformat is the way to go. But at the beginning of the post here, some people just said reformat before trying alternatives. Plus trying to fix the issue rather than just wipe and reinstall is part of a learning process. Also you learn a good deal of things to prevent this from happening again or to even fix it faster the next time if it does happen.
Reformatting is the LAST option
Well, you have two options here.
1) you may want to pull your drive out of your box and find a friend with a properly protected system. Install your drive in your buddy's system as a slave and have his AV and spyware programmes scan your drive and hopefully remove the invader. This would also be a good way to back up any files you need to keep without also infecting your backups. If the AV and spyware removal stuff doesn't work, but does prevent infection of your backups you are OK for option 2, which will be your only remaining choice.
2) boot your system from a secure source and format your drive, then reinstall everything from scratch. You can also use your buddy's system to format your drive.
Any other suggestions are a waste of time and effort. Given that it may not be possible to remove the invader without destroying your data anyways, if option 1 fails, don't waste your time.
And, once you have a clean system again, make sure you install appropriate and current protection before you go surfing again. You should also stop using Internet Explorer as your web browser. Use Netscape, or Mozilla or Firefox instead.
When your system is hammered like this the only solution is to rebuild after recreating the drive partitions.
Good luck
You are so wrong it isn't funny. I have lots of experience with this exact problem, from my days as a computer consultant.
Reformatting is the second option, and not too long after the first one either.
As much as possible, it is preferable to try and fix the problem. But the question you neglect to address is "How long is it going to take to fix it, and how much is my time worth?". A second and related question is "What happens if the best efforts I am capable of fail to fix the problem, never mind in a reasonable time frame?". I note that you didn't say a word about pulling the infected drive and installing it as a slave in a properly protected system and scanning / cleaning it that way.
In my experience, if a system is as seriously compromised as the OP's there is absolutely no point in attempting to "fix" it. Save whatever you can in terms of data files, downloads you know are clean and say sayonara to the rest. Reformat the drive and reinstall everything from scratch. One will save lots of aggravation and time that way. And guarantee a clean system.
Your approach guarantees a lot of wasted time and effort, unnecessary aggravation and utterly unacceptable risk of a continued infection.
If you are going to give technical advice, keep your ego and attitude out of it. Your comment calling the other posters whose advice didn't agree with your ideas and I quote "idiots" makes your posts utterly irrelevant.
There's more than one approach to a problem, and time is money.
Your approach is expensive, does not guarantee success and a clean system as a result and you don't even raise the issue of backing up files. Some expert advisor you are.
to a degree i agree with you. i got some spyware called pyaxe which was particularly nasty. this was before i got zonealarm and was using AVG and spybot solely i think.
long story short, i didn't even think about reformatting and went online and found out how to remove it. yes, it took a while and meant having to manually remove a file from my system32 folder which it had created but i got it fixed.
however, in many cases reformatting is quicker and a more complete way of dealing with it. hell, some people format just to clear out crap from their machines every few months.
still, i know it is sometimes hard to control yourself but you have to try, especially in an ambiguous situation like virus removal.
Nothing ambiguous about virus / malware removal.
Either your anti-virus /spyware /malware software gets rid of it completely and relatively quickly or you reformat and reinstall.
It is important to remember that many of the current viruses, trojans and other malware out there include sub-routines to either disable protective software completely or have mechanisms to bypass it. And if your system is infected by something that has such a feature before your particular manufacturer of Anti-virus etc software has a detector and fix for the problem, downloading the fix after the fact will not help.
In such a case, you can do one of two things: first, pull the infected drive and connect it to another machine that is more current than yours, scan it and hope the invader(s) are removed successfully. If this fails, on to option 2: second, back up any files you need / want to keep, ensuring they aren't infected and then reformat the drive and reinstall everything. Anything else is both a waste of time and socially irresponsible.
Separate partitions for assorted classes of applications and data files become increasingly attractive.
In today's environment of botnets consisting of multiple compromised zombie systems, you as an individual have a duty to the rest of the community to protect your system and use appropriate remedial measures when your system gets compromised. Note that in many cases, your system was compromised by a zombie in a botnet.
i meant ambiguous in the sense that as is shown here many people choose their own methods of protection and indeed removal from formatting to rooting out the virus manually. i'm sure people will argue about it for eternity in some circumstances which makes it in my eyes ambiguous.
Removing a virus or other malware is conceptually simple. Nothing ambiguous about it.
If you are running appropriate software that is current you will be able to deal with the problem quickly and easily, assuming that the malware you are trying to deal with hasn't disabled your software.
If the malware has disabled your protective software, you can do one of three things:
Before doing anything, make sure that you have backed up or are able to back up your data etc.
1) pull the drive(s) and attach them to another machine with more current capabilities and scan your drive and hopefully clean it up.
2) gather information about the malware and attempt to remove it manually. This can be a very difficult and tedious process. And, if like the SONY/BMG rootkit software, the malware makes itself invisible to the standard tools in Windows, you won't be able to find and remove it. It may be possible to find tools on the web to deal with something like this, but odds of success are very low. If you have the time and tools to use this approach, fine. But it is useful to remember that this is one of those, to quote Yoda, "Do, Not Do! there is no Try!" situations.
3) reformat the drive and reinstall. Works every time to get rid of the garbage.
So, where exactly is the ambiguity here? Perhaps you should explain how you define ambiguous and ambiguity first.
you have just shown the ambiguity with that post. not everyone believes in following those steps. some prefer to jump to the reformat very quickly others don't believe in it at all or as a very last resort.
perhaps ambiguity isn't the best word literally but i think it fits what i was trying to say. you are being anal about it.
the very fact that people have posted different ways of solving the same issue, albeit, reformat, various virus scanners and manually hunting the virus down show that there is not one route that HAS to be taken.
I love it when people attempt to intimidate and bully other posters by using specific medical terms. Usually incorrectly to boot. As you have done.
The full term you are using when you say I am "anal" is "anally retentive". This has a specific meaning and application to certain behaviours and approaches to life situations. Given that I have siblings who are doctors and sociologists, you can be sure that I know what the term means and how it really applies. And, bucko, you don't have it right. Stop trying to intimidate and bully me because I show that both your terminology and approach to the problem the OP has asked for help with is incorrect and inadequate.
In any case, removing any kind of malware (virus, trojan, spyware, you name it) is a technical process that involves a limited number of steps and procedures, none of which are especially obscure. It is a cold, hard fact that the steps should be done in a particular order and that if all the "easy" steps fail, the only option is a format and re-install. In some very extreme cases where the MBR on a hard disk has been compromised, it becomes necessary to delete partitions and restart installation by re-creating partitions, and then formatting the new partitions and then re-installing the OS, apps etc.
The only real question here is how much time and effort it is reasonable and appropriate to spend on the manual clean-up process by scanning all directories on the hard drive(s) and manually editing the registry. While making sure that assorted files are backed up as required. The majority of the population doesn't have the expertise to edit the registry and even relatively small errors in doing so will render the system unbootable, making a reformat and reinstall the only viable option. Funny how we keep coming back to that option.
And, as I noted earlier, some malware does a very good job of hiding itself and the odds of either discovering it or finding appropriate tools to remove it are very low. The only reason the Sony/BMG issue came out was a fluke. I wonder on what basis you are assuming in this day and age that there aren't many more of the same sort of malware out there. And how you propose to deal with a problem you can't see. And if you can't see it, it will still be there after you have "finished" manually cleaning your system. Not what I would call a successful or desirable conclusion.
"Anal" indeed.
again, you are picking apart my words even though the meaning is perfectly clear and indeed you are demonstrating my point by doing so.
i am not trying to bully you, nothing of the sort. i just do not like the way you go on as if your way is the only way. IMO, how you go about removing a problem is each to your own as long as it gets it done. you may prefer to do it one way but that does not mean everyone has to go about it exactly the same.
exactly where is my advice wrong. my terminology i believe has been clear to all i would think. you seem to think you are very elite here which you are not.
nothing you have said is difficult to understand nor is it something alot of people don't know. all you seem to be unable to comprehend is your way is not the only way.
people can go about getting rid of a problem any way they like as long as it gets done. i'm having trouble not laughing at how serious you're taking this and how huffy and puffy you are getting at someone daring to think you are not a technological god who must be adhered to. why don't you lay off others and get a grip.
jesus, you probably actually think you are beating me in this "argument" and really showing who's boss, trust me you ain't.
Uh Huh.
Whatever you say.
I have just one question for you:
What is it that you have against the OP that you are spending so much time and energy attacking me and my experience and the reasonable advice given?
What has the OP done to you to warrant such loathing and consequent misdirection of resources on your part?
First off, don't speak down to anyone. Second, if this tirade isn't answering the original question, I'll request a lock.
First off, download and install the following programs from download.com:
Spyware Prevention:
Spyware Blaster
Windows Defender
Anti-Virus:
AVG Free
Firewall:
ZoneAlarm
Spyware Removal:
AdAware Personal SE
HijackThis
Browser:
IE7
Firefox 2
Browser Extensions for IE7:
McAfee SiteAdvisor
Browser Extensions for Firefox:
Adblock Plus
Flashblock
FoxyProxy
McAfee SiteAdvisor
NoScript
ShowIP
Secondly, get all Windows updates and all other program updates.
Thirdly, disconnect from the internet and scan for viruses/spyware (repeat until infestation is gone)
Fourthly (if needed), if infestation won't go away, reinstall Windows and start from scratch.
Finally, let this be a lesson to you and all others that one needs to be more wary when surfing the net.
| Quote : The full term you are using when you say I am "anal" is "anally retentive". |
NO, he had it right. I just think he was politely calling you an A$$
| Quote : What is it that you have against the OP that you are spending so much time and energy attacking me and my experience and the reasonable advice given? |
Just the same as you. Attacking everyone else's advice. Don't call the kettle black.
| Quote : And if your system is infected by something that has such a feature before your particular manufacturer of Anti-virus etc software has a detector and fix for the problem, downloading the fix after the fact will not help. |
Yes another sign of your ignorance and stupidity.
Not replying to/commenting you in particular, but as always, too lazy to scroll up...
Here's what I thought. Some posters suggest to attach the drive to other well/better protected pc and have a scan or two. I've done something like that, sometimes it worked, some not. If it didn't work, before you backup everything important and format your hd, I would like to suggest something
Try installing KillProcess and Unlocker. Use KillProcess to stop/kill process that's currently running (make sure it's not essential system process). Go to my computer, right click on any hd partition(s), use Unlocker. Unlock each and every instance(s) of possible malware/spyware/virus that are currently running. Scan using latest update antivirus of your choice
But well, as some of you have already posted, may be formatting the hd is the best option, time and economically wise.
Please correct me if I'm wrong/not very accurate, TQ
| Quote : Not replying to/commenting you in particular, but as always, too lazy to scroll up... |
Good suggestions, but dependent on the specific OS version in use. - I am assuming some flavour of Windows here. You would be amazed at how many people are still running Win 95 out there.
I also think that some sort of root-kit detection software is necessary.
| Quote : What is it that you have against the OP that you are spending so much time and energy attacking me and my experience and the reasonable advice given? |
Just the same as you. Attacking everyone else's advice. Don't call the kettle black.
You really should learn to read. It would also be good if you actually remembered what it was that you yourself wrote previously.
Your previous advice was neither complete nor ultimately useful. And, as I recall, you made some extremely intemperate and disparaging remarks about other posters yourself. Speaking of kettles calling pots black.
And, unlike your "solutions", the progression I outlined will guarantee a clean system.
| Quote : First off, download and install the following programs from download.com: |
Last year, CERT was recommending that one should use any other browser than Internet Explorer when surfing the web. So far, I have seen nothing to indicate that this advice is no longer valid.
I like wizardoz's option. If you know someone with a proper install of, say Norton AV, with fresh updates, that should be able to remove the virus. But it will not undo the damage done, which if this is the virus I think, will be considerable and not worth your time to try to repair.
If you get the virus removed, copy off your data and then do a fresh re-install.
A plan b might be to just copy the data off, infected or not, re-install, get some good av, then scan your backed up data before restoring.
Confirm my guess.... Do you have any valid restore points?
| Quote : And if your system is infected by something that has such a feature before your particular manufacturer of Anti-virus etc software has a detector and fix for the problem, downloading the fix after the fact will not help. |
Yes another sign of your ignorance and stupidity.
Perhaps you could be very kind and explain to the OP (and myself, along with the rest of the good readership here) how downloading an updated fix / upgrade to a protective application that has been de-activated by a previously installed and running piece of malware will actually work.
Just so we are clear on the scenario:
1) I have a set of protective applications, that are as up to date as possible running in the background full time.
2A) Somehow I get my system infected with malware (of whatever sort) that is able to disable the most current versions of any protective software I am running.
2B) I go to the appropriate manufacturer web-sites and download more recent patch / signature files and attempt to install them.
2C) In order to successfully install the updates, normally the protective software must be running. And, even if it is possible to patch the software when it isn't running, the changes won't take effect until the system is re-booted and the software is actually running.
2D) Even if the system is re-booted with the patches applied, but the malware is still present on the system, it will load itself prior to the protective software - that's how this garbage works- and it will still disable the patched software from doing its job.
3) Given how Windows works and how some malware works, on what basis do you suggest that merely downloading and installing patches is enough to deal with the problem at hand?
4) Can you say: SONY/BMG Rootkit? Can you say: deliberately hidden from ALL tools? Can you say: On what basis do I assume this is the only example of such garbage?
5) Assuming that the previous point rang any bells, perhaps you could be kind enough to explain the procedure(s) you propose to remove malware that is both hidden from the user at very deep levels and not documented on the web. Keep in mind that the existence of the SONY/BMG Root-Kit became known largely by accident. On what basis do you assume that this was an isolated incident, especially in the context of current DRM and copy-protection efforts and initiatives by various groups? Or are you going to claim ignorance of the various, spurious copy-right infringement lawsuits by the RIAA, among others?
Speaking of "Ignorant and Stupid", look who is talking. You may wish to review your assumptions and attitude.
