Search
Sign in with
Sign up | Sign in

My Computer Just Got A Virus - Please Help?

Last response: in Windows 7
Share

Since yesterday, I had my firewall disabled for a day to fix some beta issues with SW:TOR. After the beta ended, I forgot to turn my firewall back on. I went to this website, and as soon as I left, my Norton kept spamming me to give "Google" permission to do something. I clicked no, but it would return. Eventually I clicked yes, and my computer has been SCREWED up since then.


Now:

- My taskbar icons disappeared. My word, excel, SC2, WoW, LoL icons all disappeared.
- My start menu has 3 icons in it now. Opera, control panel, and my computer.
- When I go to some websites, for example, some websites with the word "Anti-virus" in it, it re-directs me to the same page where it says downloading (search phrase) and then a %.
- My task manager says iexplorer.exe is running. Every time I close it, it opens back up.
- I can't find a LOT of programs on my computer now for some reason.



All of this is making me very angry. Any help would be appreciated. I ran Avira scan, it found 7-8 problems, I quarantined them, and then deleted them. Spybot Search and Destroy found 6 problems. I "fixed" and removed them all.

I tried doing a system restore to two different points, but after each restore, it said that "a file from the restore point is missing, system restore did not complete."

After all of this, my computer is still not working properly!

Please, ANY help would make my day! I can't do anything right now...

More about : computer virus

Register or log in to remove

i suggest booting up in safe mode with network (reboot and repeatingly press F8 till you get a menu with options such as safe mode, safe mode with networking, VGA mode)
Download combofix: http://www.bleepingcomputer.com/combofix/how-to-use-com...
Run it, till it shows a log file (may reboot by itself)
after that run malwarebytes: http://www.malwarebytes.org/

After all this it should have wiped off about 98% of the bad things.

Edit: Use the link nikorr posted
Related ressources
Ask the community

I used Norton, but it's subscription was down. I also use Spybot S&D which is pretty good.


Thanks for the info so far, I'm going to do the safemode thing and try what you told me! It is appreciated.


Will my files that I can't find come back? For example, I have Starcraft 2 on my taskbar, but now not only is it not there, it also can not be found in my start menu's search. Its file folder with the files is found, but no executable.

TheMendicantBias said:
I used Norton, but it's subscription was down. I also use Spybot S&D which is pretty good.


Thanks for the info so far, I'm going to do the safemode thing and try what you told me! It is appreciated.


Will my files that I can't find come back? For example, I have Starcraft 2 on my taskbar, but now not only is it not there, it also can not be found in my start menu's search. Its file folder with the files is found, but no executable.


There's a high chance they'll come back, if not, 90% of time they'll just be hidden somewhere else in which you should be able to get them back manually.

110k files scabbed so far with Malware bytes, 0 objects infected found. Opera keeps closing, internet explorer keeps closing every time I go to a page with "anti-virus" or something like that in it. My guess is that the virus is censoring it.


I'm still running malware bytes. hopefully the issue found >.<

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8288

Windows 6.1.7601 Service Pack 1 (Safe Mode)
Internet Explorer 8.0.7601.17514

01/12/2011 6:33:12 PM
mbam-log-2011-12-01 (18-33-12).txt

Scan type: Full scan (C:\|D:\|F:\|G:\|H:\|I:\|)
Objects scanned: 364844
Time elapsed: 39 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I ran malware bytes, and all of my browsers keep crashing. what the hell is going on...




my programs/task bar crap that got hidden isn't back yet either...

catalyst control center, and all of the intel i7 drivers are still crashing.


i haven't restarted my computer yet, so maybe that's it.


at this point, i'm kind of raging = /
Security Expert
Windows 7 Authority

TheMendicantBias said:
I ran malware bytes, and all of my browsers keep crashing. what the hell is going on...




my programs/task bar crap that got hidden isn't back yet either...

catalyst control center, and all of the intel i7 drivers are still crashing.


i haven't restarted my computer yet, so maybe that's it.


at this point, i'm kind of raging = /

Did u run #2?

anyone know how i can at least restore my system? I'd be happy with that. I have a couple of restore points before crap hit the fan, but every time I try, even from safe mode, it seems to fail...


i'm really sad right now. =(

nikorr said:
Did u run #2?

I have a 64 bit OS, and so I'd have to use spybot SD according to your link, but every time i try to run it in safe mode, it says it can't run in safe mode.


should i run it in normal mode? and if i do, will that even fix this? my problems are still there.



I am beginning to hate people who code viruses, diallers, keyloggers, etc with a passion.

nikorr said:
Do not use system restore as it is most likely infected.



so, then what you're saying is that i have to re-dl my OS? i can't, and that would make me reinstall or lose 500gb of data...


sigh...

I don't have my OS disk. I bought this comp from alienware, and windows 7 was already on it when it came (although I did purchase the OS.)



what should I do? I'm running spybot right now, and it has found 2 entries of w3i.IQ5.fraud

it's still completing. I'm in safe mode atm.
Security Expert
Windows 7 Authority

TheMendicantBias said:
so, then what you're saying is that i have to re-dl my OS? i can't, and that would make me reinstall or lose 500gb of data...


sigh...

I don't have my OS disk. I bought this comp from alienware, and windows 7 was already on it when it came (although I did purchase the OS.)



what should I do? I'm running spybot right now, and it has found 2 entries of w3i.IQ5.fraud

it's still completing. I'm in safe mode atm.

OK, finish the scan first.

sigh...i don't know if the virus is gone or not, but I just started in normal mode (logged in now) and the icons are not back, and I still can't find sc2 etc.

Catalyst control center just crashed upon logging in again, and so did the intel center.

restarting again...after that trojan destroyer program, S&D, malware bytes, I guess I'll give the avast home edition thing a try.


Also, the virus seemed to still be affecting me in safemode with networking. Is that normal/usual? Opera and my other browsers still crashed when I went to any anti-virus site.






I don't know HOW something this harmful got into my computer. I've experienced a few viruses before; none this sheer painful to get rid of.

Just to add a little to the topic.
R kill . Stops most active infections. It does not remove them but stops them from running.
Many virus writers know about MBAM ,Combo fix etc. and stop them from running.
R Kill is the answer to this.
http://www.bleepingcomputer.com/download/anti-virus/rki...
Download different versions. Virus writers know about this too. So they have many versions. It is the some software, but different executable file names.

EDIT
Follow the guides above, but run RKill first. It may take a while and seem like nothing is happening. but wait for it. When finished it will display a status screen.
I also suggest Installing AVAST. I install it on all of my familys computers. It is good at cleaning files,not just deleting them.
No software can stop you from clicking that button and installing a virus.
Security Expert
Windows 7 Authority

Rick_Criswell said:
Just to add a little to the topic.
R kill . Stops most active infections. It does not remove them but stops them from running.
Many virus writers know about MBAM ,Combo fix etc. and stop them from running.
R Kill is the answer to this.
http://www.bleepingcomputer.com/download/anti-virus/rki...
Download different versions. Virus writers know about this too. So they have many versions. It is the some software, but different executable file names.

That was #2, but it does not work properly on x64bit systems.

nikorr said:
Is there a MS key sticker on the laptop?

It's not a laptop. It's a heavy-weight Alienware aurora with an i7 processor.


I'm running avast at the moment. I really hope I don't have to re-install my operating system...way too much to lose. A system restore would be highly preferable.
Security Expert
Windows 7 Authority

TheMendicantBias said:
It's not a laptop. It's a heavy-weight Alienware aurora with an i7 processor.


I'm running avast at the moment. I really hope I don't have to re-install my operating system...way too much to lose. A system restore would be highly preferable.

Tell me what do u have installed? U don't have multiple AV running? Do u?

nikorr said:
Tell me what do u have installed? U don't have multiple AV running? Do u?

multiple AV? What do you mean, exactly?

I have 3gb ram, 875 watt PSU, liquid cooling, 2x ati 5670 hd graphics cards on crossfire, 1 500gb sata hard drive, and a disk drive. That's it, basically.



On my computer, I have some music files, word documents, and a few games, along with my spyware. That's it, basically.
Security Expert
Windows 7 Authority

Rick_Criswell said:
Have not read the sticky you referenced.
Did not know about the 64bit incompatibility.
MY bad.

Its no problem, security people don't recommend it on x64bit systems : )

nikorr said:
I mean multiple antivirus programs installed.



well, i originally had norton, but it's subscription ran out, and I had spybot S&D. After I got the virus, I got avg, but it wouldn't install correctly (didn't do it on safemode) so it never really installed, it's just sitting in its compressed state.

After that, I got avira. scanned on non-safe mode, it found 4-5 things, I quarantined and then removed, then ran malware bytes, then trojan remover, and now avast. after that, I'm planning on running CCleaner. if that doesn't fix it, then I'm going to cry...

after running belarc, it gives your score/log on your browser...the problem is that my damned browser gives me a "Opera internet browser has stopped working message" with the option to check for solutions or close the program after the 10 seconds since I started it.
Register or log in to remove
 
Ask the community
Read discussions in other Windows 7 categories
!