tjcinnamon

Mar 10, 2008
I foolishly downloaded (and opened without scanning) an mkv "codec" that put some spyware (and potentially a virus) on my computer. I got some pop-ups every time I opened up the browser saying you've been infected, click here to get "protection". Then no matter what you click, it sends you to a site to get conned or infected further. This hasn't happened to me in years.

I have SpyBot 1.6 and NOD32 2.5. I ran a deep analysis system scan with NOD32 and it didn't find anything. I ran SpyBot and then cleared out some entries. I then did an online scan from Kaspersky as well as one from TrendMicro. They found one virus that was in my NOD32 quarantine but nothing that was active.

It looks like SpyBot cleared the problem up. As soon as I ran it the problems went away.

What are the odds I still have a virus/spyware? What else should I run? I may try 1 or 2 more online scans. I really don't want to have to re-format my system drive.

Thanks,
Joe K.
 

gomerpile

Feb 21, 2005
The chances are slim, but the payload of that virus is still there. Run HijackThis: http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/qsg
Look for any files that should not be in there and delete them. This is the only way I know to find and remove a payload. I would be able to figure out what to remove if you send a snapshot of the files HijackThis finds. Just think of how these fcking assholes grab your computer to advertise their program, and now some of the buttholes have teamed up with systematic. What a bunch of slime balls. I cannot find the fcking words to describe the sh!t heads.
I don't use virus programs because it's them that created the sh!t in the first place. I've been using OS since the DOS and dBase days. I remember the day how the world of BBS internet explaining virus, and all of a sudden Norton was born. Well, shove it up your ass, Norton.
If by chance you get a prompt saying Winsock, use this tool to remove the unknown in the Winsock:
http://www.cexx.org/lspfix.htm
 

tjcinnamon

Mar 10, 2008
I got it using HijackThis (looked good), Malwarebytes' Anti-Malware, NOD32, Spybot 1.6, Kaspersky 1 time DL scan, and a few online scans (Kaspersky, TrendMicro).

I agree Norton, McAfee suck. I tried to go with a lighter weight alternative like NOD32. I may just resort to using that and online scans.

 


Agree fully. My wife got a TROJ_BHO variant yesterday on her laptop, and after running various Trendmicro AV cleaners (incl. the downloadable Safeboot version), it still pops up upon rebooting. Has a bogus Windows Security message that there are 34 viruses found on her laptop, then a while later another message that an external site is attempting to hijack the computer from address xxx.xxx.xxx.xxx. So tomorrow I'll attempt to get rid of the ah heck with the tools you mentioned. And if that doesn't work, then reformat the partition.

Trendmicro doesn't have a lot of info on the above variant so I'm guessing it's fairly new.
 
Update: Went to Microsoft OneCare, ran the free complete scanner, and now the TROJ_BHO.TY trojan is gone, plus the computer runs faster as the scanner also got rid of some 600+ obsolete registry entries.

When my Trendmicro subscription runs out in June, I'll be moving to OneCare...