My Computer Just Got A Virus - Please Help?

TheMendicantBias · Dec 2, 2011

Since yesterday, I had my firewall disabled for a day to fix some beta issues with SW:TOR. After the beta ended, I forgot to turn my firewall back on. I went to this website, and as soon as I left, my Norton kept spamming me to give "Google" permission to do something. I clicked no, but it would return. Eventually I clicked yes, and my computer has been SCREWED up since then.

Now:

- My taskbar icons disappeared. My word, excel, SC2, WoW, LoL icons all disappeared.
- My start menu has 3 icons in it now. Opera, control panel, and my computer.
- When I go to some websites, for example, some websites with the word "Anti-virus" in it, it re-directs me to the same page where it says downloading (search phrase) and then a %.
- My task manager says iexplorer.exe is running. Every time I close it, it opens back up.
- I can't find a LOT of programs on my computer now for some reason.

All of this is making me very angry. Any help would be appreciated. I ran Avira scan, it found 7-8 problems, I quarantined them, and then deleted them. Spybot Search and Destroy found 6 problems. I "fixed" and removed them all.

I tried doing a system restore to two different points, but after each restore, it said that "a file from the restore point is missing, system restore did not complete."

After all of this, my computer is still not working properly!

Please, ANY help would make my day! I can't do anything right now...

nikorr · Dec 2, 2011

If possible, run #1 and #2 in the safe mode to start with, and post the log file.
http://www.tomshardware.com/forum/8263-63-simple-free-guide-removing-malware

Yanthrax · Dec 2, 2011

i suggest booting up in safe mode with network (reboot and repeatingly press F8 till you get a menu with options such as safe mode, safe mode with networking, VGA mode)
Download combofix: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Run it, till it shows a log file (may reboot by itself)
after that run malwarebytes: http://www.malwarebytes.org/

After all this it should have wiped off about 98% of the bad things.

Edit: Use the link nikorr posted

tinmann · Dec 2, 2011

I got a annoying redirect virus on one of the other pc's and the only thing that worked was combofix. Do you use any anti-virus at all?

TheMendicantBias · Dec 2, 2011

I used Norton, but it's subscription was down. I also use Spybot S&D which is pretty good.

Thanks for the info so far, I'm going to do the safemode thing and try what you told me! It is appreciated.

Will my files that I can't find come back? For example, I have Starcraft 2 on my taskbar, but now not only is it not there, it also can not be found in my start menu's search. Its file folder with the files is found, but no executable.

Yanthrax · Dec 2, 2011

TheMendicantBias :

There's a high chance they'll come back, if not, 90% of time they'll just be hidden somewhere else in which you should be able to get them back manually.

swifty_morgan · Dec 2, 2011

turn system restore off and run highjackthis.

TheMendicantBias · Dec 2, 2011

110k files scabbed so far with Malware bytes, 0 objects infected found. Opera keeps closing, internet explorer keeps closing every time I go to a page with "anti-virus" or something like that in it. My guess is that the virus is censoring it.

I'm still running malware bytes. hopefully the issue found >.<

nikorr · Dec 2, 2011

Keep the other programs OFF while scanning.

TheMendicantBias · Dec 2, 2011

OMG OPERA KEEPS CRASHING, SO DOES EVERY OTHER BROWSER!

StackHash_7da7 IS THE FAULT MODULE HELP

TheMendicantBias · Dec 2, 2011

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8288

Windows 6.1.7601 Service Pack 1 (Safe Mode)
Internet Explorer 8.0.7601.17514

01/12/2011 6:33:12 PM
mbam-log-2011-12-01 (18-33-12).txt

Scan type: Full scan (C:\|D:\|F:\|G:\|H:\|I:\|)
Objects scanned: 364844
Time elapsed: 39 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

TheMendicantBias · Dec 2, 2011

I ran malware bytes, and all of my browsers keep crashing. what the hell is going on...

my programs/task bar crap that got hidden isn't back yet either...

catalyst control center, and all of the intel i7 drivers are still crashing.

i haven't restarted my computer yet, so maybe that's it.

at this point, i'm kind of raging = /

nikorr · Dec 2, 2011

TheMendicantBias :

Did u run #2?

TheMendicantBias · Dec 2, 2011

anyone know how i can at least restore my system? I'd be happy with that. I have a couple of restore points before crap hit the fan, but every time I try, even from safe mode, it seems to fail...

i'm really sad right now. =(

nikorr · Dec 2, 2011

Do not use system restore as it is most likely infected.

TheMendicantBias · Dec 2, 2011

nikorr :

I have a 64 bit OS, and so I'd have to use spybot SD according to your link, but every time i try to run it in safe mode, it says it can't run in safe mode.

should i run it in normal mode? and if i do, will that even fix this? my problems are still there.

I am beginning to hate people who code viruses, diallers, keyloggers, etc with a passion.

TheMendicantBias · Dec 2, 2011

nikorr :

so, then what you're saying is that i have to re-dl my OS? i can't, and that would make me reinstall or lose 500gb of data...

sigh...

I don't have my OS disk. I bought this comp from alienware, and windows 7 was already on it when it came (although I did purchase the OS.)

what should I do? I'm running spybot right now, and it has found 2 entries of w3i.IQ5.fraud

it's still completing. I'm in safe mode atm.

nikorr · Dec 2, 2011

OK, try o run Trojan Remover and select >> enable boot scan

http://www.simplysup.com/

nikorr · Dec 2, 2011

TheMendicantBias :

OK, finish the scan first.

TheMendicantBias · Dec 2, 2011

nikorr :

ok. it'll be finished within 4 minutes.

TheMendicantBias · Dec 2, 2011

ok, scan finish. 5 problems found, but i don't think any of them will be large enough to fix all of my problems. going to fix them.

TheMendicantBias · Dec 2, 2011

they were cookies, and 2 were registry keys according to S&D.

christop · Dec 2, 2011

if you can go in safe mode with networking install avast home edition then do a boot time scan it will clean anything that is a problem out.

nikorr · Dec 2, 2011

Restart and run again.

TheMendicantBias · Dec 2, 2011

nikorr :

I'm restarting right now (on a different computer.)

Thanks a LOT for the help so far. You're gaining nothing from helping me, and you're doing it anyway, so I REALLY appreciate it!

My Computer Just Got A Virus - Please Help?

Distinguished

Champion

Distinguished

Distinguished

Distinguished

Distinguished

Illustrious

Distinguished

Champion

Distinguished

Distinguished

Distinguished

Champion

Distinguished

Champion

Distinguished

Distinguished

Champion

Champion

Distinguished

Distinguished

Distinguished

Distinguished

Champion

Distinguished

Share this page