Need to remove virus files

Clementine

Hi Folks, I was dearly hoping for some clever advice please. Someone has hacked (?) my system. This has effectively locked me out of my PC with a dummy screen demanding £££ to open. The offending files are in c:\windows\system32\config. I can open the directory from the DOS prompt. I can't use cmd line or access any other Windows tools. I have tried deleting the files using DOS commands (erase), thank heavens for old DOS experience, but I get an error message that says cannot access the file because it is being used by another process. Clearly I can trace the guilty files using dates, but is there any way I can fix this?

:cry:
 

My Computer

OS: 32

The recommended option is an antivirus rescue CD.
Most antivirus sites offer an ISO file you can burn to a CD and then boot your computer from. (Avira and Bitdefender, for example, are good ones I used, but there are many, many others.)

It will run regardless of your system's current status and remove malware. Don't use the one from your own antivirus, as if it didn't stop this attack, it's likely crap.


The brave-and-foolish men option is using a Linux distro (another operating system that runs from the CD), like an Ubuntu live CD: download it, burn the ISO to a CD, and then when booting from it select the "Try Ubuntu" option (their booting wizard is pretty informative).

Then you can navigate to the folders and whatever, and nuke manually the offending files. This is dangerous, as you can make mistakes and screw up your system. An antivirus rescue CD should really get rid of your issues in a safe way.
 

My Computer

Computer type: PC/Desktop
Computer Manufacturer/Model Number: custom built
OS: Win 7 Pro 64-bit 7601
CPU: AMD Phenom 9650 QuadCore, revision DR-B3
Motherboard: ASUS M4A78
Memory: 5 GB yes I run 2x 2GB and 1x 1GB, different brand, spank me.
Graphics Card(s): NVIDIA GeForce 9800 GT 512 Mb, unknown manufacturer.
Sound Card: Crappy Realtek Integrated Audio
Monitor(s) Displays: Fujitsu Siemens P19-3P
Screen Resolution: 1280 x 1024 x 32 bits @ 60 Hz Oh yeah, 4:3 rocks!
Hard Drives: (1) MAXTOR S TM3320613AS SATA Disk Device (2) STM35004 18AS SATA Disk Device (3) TOSHIBA USB 2.5"-HDD
PSU: whatever, around 450w
Case: Scavenged from old company PC, 10+ years old
Cooling: CPU fan, GPU fan, case fan, nothing fancy
Keyboard: Microsoft, PS/2, white.
Mouse: Optical, Logitech.
Internet Speed: effective max speeds: 70-ish kB/s down 30-ish kB/s up
Antivirus: Avira, free edition.
Browser: Firefox with FXChrome to make it look like Google Chrome :P
Other Info: Was discarded by previous owner due to "horrible performance".
Was running Win XP from an IDE drive. Yeah. Was a pain.
SATA II drive and Win7 and it zips away! Yay!

You can reboot into safe mode and run any and all spyware/adware and antivirus software you have, and it should clean it and remove it from your system that way. If it were my system and I suspected that my PC was hacked by an intruder, I would just flat out format the HDD and re-install the OS.
 

My Computer

Computer Manufacturer/Model Number: Custom built
OS: Windows 7 Ultimate 64 bit
CPU: AMD Phenom II X4 965 Black Edition
Motherboard: Gigabyte GA-MA790X-DS4
Memory: GSkill 4 X 2 GB PC 8500
Graphics Card(s): XFX Radeon HD 6790 D
Sound Card: On board RealTek HD
Monitor(s) Displays: Dual monitors: Samsung SyncMaster S20B300
Screen Resolution: 1600 X 900
Hard Drives: Seagate Barracuda 1TB (primary); Seagate Barracuda 2 X 320 GB
PSU: Ultra X4 750 watt fully modular
Case: Thermaltake Overseer RX 1 full tower
Cooling: Core-Contact 92 mm CPU Cooler
Keyboard: Logitech G510
Mouse: Razer DeathAdder
Internet Speed: 50/5 Mbps UL/DL
Other Info: Optical: Super Multi DVD burner w/lightscribe, Hauppauge WinTV HVR-1800

Nah, those things are usually fully automated and are hidden in stuff you download from less-than-trusty sources, or by clicking on the banners that state "free PC scan to fix errors" or somesuch.

I repeat what I said: if the antivirus didn't catch them before, it won't catch them now. So running it from safe mode is pointless. A rescue CD is the safest bet.

And then changing antivirus is the next thing to do. These kinds of malware are relatively common, and if they get through the antivirus, it sucks.
 
