
Virus/keylogger/invinciblestuff HELP PLEASE

October 13, 2012 1:43:08 PM

Well, I got what I thought was a keylogger on my computer somehow, and it stole all my email accounts and WoW accounts. It did this about 3 times now because I thought my computer was secure each time, but I've come to the realisation that this thing is *$%## invincible!

I've tried like every anti-spyware, anti-malware, anti-virus program, with none of them detecting this goddamn thing.

I built my PC myself but cannot recall where I put my Windows 7 disk, so I can't really reformat as I won't be able to install Windows 7 again ;/

Any suggestions? I'm in a desperate situation to get this *** off my PC!?!!?!?!

Thanks,
Moley :(  :( 
October 13, 2012 1:59:13 PM

NFS = ?? some help would be nice :( (
October 13, 2012 2:12:14 PM

Do you still have your Windows OS product key somewhere? (like at the back of your computer case)
October 13, 2012 2:16:37 PM

Yes, the product key is on the side of my case. But could this virus survive a full reformat, as it survived every anti-malware program?

If you're sure I could kill it this way, could you kinda give me a brief step-by-step on reformatting and stuff to kill this thing.. I'm such a noob :( 

Thanks
October 13, 2012 2:39:51 PM

Try to scan the hard drive using a different OS (Mac or Linux). Unplug the hard drive, use a SATA-to-USB adapter and plug it into a Mac or Linux box. It might help.
October 13, 2012 2:42:14 PM

Hi there, first off I dunno if you've tried Malwarebytes or Ad-Aware:

http://www.lavasoft.com/products/ad_aware_free.php

http://www.malwarebytes.org/

Both have a decent track record for finding the more potent viruses.

Alternatively, if you feel like a challenge, take a look if there are any suspicious-looking processes running in your Task Manager. By suspicious I mean anything that has a gibberish name like awts97rs92, or anything that doesn't look like something you'd expect to see on your computer (foreign-looking programs etc...). If you do find any, double check them by doing a quick Google search to see what they are. If by chance you should happen to find something that is both suspicious and doesn't come up on a Google search (or better yet comes up as a known virus on a Google search), then chances are you've found your culprit. If you right click on it you can view the file location the process is running from.

Now when it comes to deleting these files, there are two things to bear in mind. First off, there is likely a second folder hiding somewhere else that will re-copy the files if you delete them. These secondary folders often also have suspicious names and like to hide in places like appdata (you can access appdata by typing %appdata% into the start menu's search bar). Other favourite spots are system32 and the temp folder. You want to delete these hidden backups as well as the virus.

Another possibility is that when you try to delete it, Windows prompts you with an error, saying that the files are essential system files and cannot be deleted. In this case it means the virus has tagged its files with the Windows system attribute. The easiest solution I found to this (albeit I suspect not a viable option in your case) was to start the computer up in a non-Windows OS, like Ubuntu, and delete the files from there, as any non-Windows operating system will ignore the system attribute I mentioned.

Failing that, or if that all seems too erm.... lame... to do xD, then I agree with the other poster, reformat and reinstall Windows. The virus will not survive that.

EITHER WAY, that's my 2 cents, lol, hope you have some luck with whichever way you choose to approach the situation. Though I'd deffo try those two antivirus programs first if you can.

GOOD LUCK!
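
The manual Task Manager check described in the post above can be scripted. This is an added example, not code from any poster in the thread; the function names, the three heuristics and the "two signals" threshold are assumptions of the example, and it is written for Windows PowerShell as shipped with Windows 7.

```powershell
# Added example: flag running processes that match the manual checks above.
# The heuristics and the threshold of two signals are assumptions of this example.

function Test-GibberishName {
    # Hypothetical helper: alphanumeric-only base name of 8+ characters
    # with digits on both sides of letters (e.g. "awts97rs92").
    param([string]$Name)
    $base = [IO.Path]::GetFileNameWithoutExtension($Name)
    return ($base -match '^[a-z0-9]{8,}$') -and ($base -match '\d.*[a-z].*\d')
}

function Get-SuspiciousProcess {
    # User-writable locations named in the post: AppData and the temp folder.
    $userDirs = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP) | Where-Object { $_ }

    Get-WmiObject Win32_Process | Where-Object { $_.ExecutablePath } | ForEach-Object {
        $path = $_.ExecutablePath
        $reasons = @()

        $inUserDir = $userDirs | Where-Object {
            $path.StartsWith($_, [StringComparison]::OrdinalIgnoreCase)
        }
        if ($inUserDir) { $reasons += 'runs from AppData/Temp' }

        # Catalog-signed Windows files can show as NotSigned on older
        # PowerShell versions, so this signal alone is not enough.
        $sig = Get-AuthenticodeSignature -FilePath $path -ErrorAction SilentlyContinue
        if (-not $sig -or $sig.Status -ne 'Valid') { $reasons += 'no valid signature' }

        if (Test-GibberishName $_.Name) { $reasons += 'random-looking name' }

        # Report only processes that trip at least two of the three signals.
        if ($reasons.Count -ge 2) {
            New-Object PSObject -Property @{
                Name      = $_.Name
                ProcessId = $_.ProcessId
                Path      = $path
                Reasons   = ($reasons -join '; ')
            } | Select-Object Name, ProcessId, Path, Reasons
        }
    }
}

Get-SuspiciousProcess | Format-List
```

Run it from an elevated prompt so other users' process paths are visible, and look each hit up before deleting anything. A rootkit that hides its processes from Windows will not appear in this listing, which is why the thread also suggests scanning from another OS.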
October 13, 2012 2:46:48 PM

Try Sophos rootkit antivirus since that's what it sounds like. Normally, a re-install of Windows is the best way to get rid of a rootkit.
October 13, 2012 2:47:05 PM

Thank you for your information XAFERO, but I already tried everything of that sort. Is there any way I can get Windows again, as I seem to have lost the disc but have the product key for my Windows 7?

Many thanks
October 13, 2012 2:48:23 PM

If you have the product key you can simply download it from MS' website.
I would also like to second what egilbe said, if you haven't already tried that.
October 13, 2012 2:56:19 PM

I haven't tried Sophos Anti-Rootkit yet, but I will try it very shortly. How are you sure it's a rootkit?

Many thanks
October 13, 2012 3:00:29 PM

It is always the best and cleanest choice to make a fresh install, IMO. At least you will not have any question marks in your mind. Just download a copy of Windows from MS and burn it on a disc and then make a backup of your stuff in your computer (be careful there to back up everything). Then format and install Windows freshly, formatting your C drive first. Use your product key on the case, don't worry, it will work. Do not make a repair, make a fresh install. And the first thing you must install in Windows is the antivirus software.
October 13, 2012 3:03:02 PM

Did you also try using AVs that can boot without the OS, such as AVG Rescue?
October 13, 2012 3:09:14 PM

technoholic said:
It is always the best and cleanest choice to make a fresh install, IMO. At least you will not have any question marks in your mind. Just download a copy of Windows from MS and burn it on a disc and then make a backup of your stuff in your computer (be careful there to back up everything). Then format and install Windows freshly, formatting your C drive first. Use your product key on the case, don't worry, it will work. Do not make a repair, make a fresh install. And the first thing you must install in Windows is the antivirus software.


Thanks for your input, how do I reformat my hard drive completely fresh (I looked online and it kind of confuses me that there are so many different ways of doing it)? Then do I have to create a new partition or whatever when I am installing Windows 7 again?

Many thanks
October 13, 2012 3:12:12 PM

moleybear said:
I haven't tried Sophos Anti-Rootkit yet, but I will try it very shortly. How are you sure it's a rootkit?

Many thanks


Because you said it was invincible. Rootkits work because they hide themselves and corrupt programs designed to work against virii. http://en.wikipedia.org/wiki/Rootkit
Most AV are pretty good for finding common virii, but rootkits are a special kind of evil.
October 13, 2012 3:26:22 PM

Can anyone explain reformatting and partitions to me briefly please? I don't need to back anything up!
October 13, 2012 3:55:36 PM

NUKE FROM SPACE
October 13, 2012 4:42:34 PM

moleybear said:
Can anyone explain reformatting and partitions to me briefly please? I don't need to back anything up!


Have you found your Windows install disc? Boot from that, make sure your boot order is set to boot from the DVD drive first. You can set that in BIOS. During the install process, it will guide you through some steps and one of them "should" be where to put Windows, and it may tell you you already have a Windows installation installed. Delete the existing partitions and have Windows format and repartition your drive. It should do that automatically.