Stubborn Viruses

[heaumanepunk]

I've been trying real hard to get rid of a virus, or should I say a couple. I've manged to find and remove some viruses using Forefron Client Security, Spyware Doctor with Anti-Virus, and Malwarebytes, Ad-Aware has been used to. Full scans.

I've been at it for multiple days but my laptop still has signs of infection, for example not being able to get into Windows Update website, forefront wont Update giving me an error 0X8007efe, and sometimes I get redirected to a website I did not want to visit. I've manually removed some Fake anti virus software but still have problems, I've stopped my computer from crashing by removing the fake AV but like I said still frustratingly getting these problems. I really dont want to do a fresh install since I dont have a CD.

Can anyone help with these problems or maybe one of them. Please and Ty in advance.

-Heau

 

[thathagat]

give these three a spin...

hitman pro
dr web cure it
sas

 

[Wishmaster]

Is it not able to scan, or coming up with nothing?

Have you tried running malwarebytes in Safemode?

Another option:
http://security.symantec.com/sscv6/WelcomePage.asp

 

[Tews]

I dont suppose you have any back ups that you can restore from?

 

[heaumanepunk]

Ty for your quick responses. I will look into the programs u recommended. Ty. Hoping thyere free. lol

Actually no I haven't and I was actually thinking about it after I had posted, but I did run Forefront in safemode. I will try to scan in safemode, Thnx again.

Ill keep this thread posted.

 

[DirtRider]

Lets us also know what virus it was if you do find it

 

[whs]

It is my experience that in a case like yours the most efficient approach is to reinstall (as I assume that you do not have any images). There are viruses that damage your system such that you cannot correct the damage even if you succeed to get rid of the virus.
So I suggest that you save your data, if possible have those folders scanned on-line, just to be on the safe side ( Popular online virus scanners ) Note: #14 is excellent. Then reinstall from the recovery partition or installation disk.
For the future, I recommend you image, image, image - e.g. with this program: http://www.sevenforums.com/tutorials/73828-imaging-free-macrium.html?ltr=I

 

[Wishmaster]

For the future, I recommend you image, image, image - e.g. with this program: http://www.sevenforums.com/tutorials/73828-imaging-free-macrium.html?ltr=I

I couldn't agree more.
It very well may come to a clean install or re-image, I know I would.

Although I personally prefer Acronis, I can not tell you how many times a System Image has been a huge benefit to me.


In addtion to the advice whs has given:
I would also recommend that, if you do a clean install, As soon as your up and running activate Windows and make a clean system Image right then, with whichever program you prefer.

This way, worse case scenario, you ALWAYS have a clean Image of the OS disk, thats already activated, with nothing installed in case you wish to start fresh.

You can then save that Image to a DVD, external drive, or whatever. Just keep it somewhere safe.

 

[cbs362]

give these three a spin...

hitman pro
dr web cure it
sas

If those 3 programs don't help, try a bootable cd, which is able to search and get rid of viruses. These kind of CD-s are available from many security companies:

AVG: AVG - AVG Rescue CD
F-Secure: http://www.avg.com/us-en/avg-rescue-cd#tba3
Kaspersky: http://devbuilds.kaspersky-labs.com/devbuilds/RescueDisk10/

and many others, these were only examples. (I personally recommend using Kaspersky)

 

[heaumanepunk]

Well I was able to remove the virus but guess what? It came back with a different name. I think I might need to clear the regisrty keys or something, malwarebytes is removing the virus but it keeps coming back, i might have to manually delete the regisrtry files. How is doing it's job by identifying these viruses? And I still havent gotten it to update. I might spend hours maybe days trying to fix this but it'll be worth it because i dont want to wipe out the system and start fresh. I've learned a lesson here, Download stuff on my desktop first then transfer it to my laptop. lol. I know viruses makes people money by giving companies the chance to make AV software but oh well this is just frustrating. I hate viruses. I'd rather do it manually sadly there arent alot of guides on how to do it. And there are so many viruses and they change the names. really difficult. does windows 7 come with a firewall? do Apple OS get viruses if installed on another computer other than a Apple computer? And ty very much to all u humans that helped.

 

[Harvey Meale]

Hi heaumanepunk,

Well, after you've tried so many different options, it sounds like this isn't malware or if it is, it's extremely difficult to find. What I'd recommend is getting someone with qualifications from either ASAP or UNITE to look at your computer. Have you heard of HijackThis? It's a diagnosis tool used to get a reading of your system and browser configurations. HijackThis Analysts can usually, by looking at your log, give you instructions on how to remove infections (with the aid of other, more targeted tools).

Yeah, scanning with MBAM, SAS, NOD32, and all the rest is good, but if this is a recent form of malware or if it's fully undetectable, you're going to need someone to take a further look. Of course, if you don't want to do this there are other options such as System Restore and reinstallations, but these are last chance options.

You can visit Tech Support Guy or a variety of other malware removal communities if you want someone to take a look at your system. Good luck!

Thanks,
Harvey Meale

 

[whs]

As I said earlier, save your data and scan it on-line. Then reinstall. That will be a lot less effort than trying to chase the thing. In the future you should do frequent imaging so that you can easily recover. A good AV program will also help - free Avast or MSE come to mind.
But if you want to be less targeted by the malware producers, you can always use Linux as your OS.

 

[Jaxryley]

Update Malwarebytes and try another quick scan?

If the rogue AV does get cleaned up then the proxy hijacks could still be around hence the connection problems.

Bring up Internet Options - Connections tab- LAN Settings and make sure "Use a proxy server...." is unticked.

 

[dranfu]

Something you might want to try is doing a scan with a Live Boot CD. A well programmed virus will remain on your PC, besides your best efforts, because it is able to hook into various windows services and make it very hard to be deleted. Not to mention, unless you find the specific files which contain its "regeneration code," often stored in a dll, the virus will simply reappear.

Using a Live Boot CD addresses all these aspects of a virus, because you can scan your Hard Drive while the operating system is not running. Because your OS is not running, the virus cannot hook into any services to protect itself, and because it is not running, it cannot detect that it is being deleted. Some of the hardest viruses to delete are easily eliminated when a Pre-Boot or Live CD Boot is ran.

The nice thing is that virtually all Anti Virus Live Boot CD's are free. You simply need to download them, burn them to a CD, and then reboot your computer with your boot cd in your CD-ROM. Click here to view a list of the 13 best Anti Virus Live Boot CD's.

Also, some Anti virus programs, like Avast Free Edition, do allow you to run a pre-boot scan. This is the same thing as running a Live CD scan, except you don't need the Live CD. You simply tell Avast to do a scan the next time you boot your computer.

Good Luck!

 

[chev65]

It's time time punt the OP system, I agree 100 percent with WHS, even if you get the virus off your system it can never be trusted again.

 

[heaumanepunk]

ty for all the tips and suggestions, malwarebytes deleted a couple viruses today. Safe Mode but as im tryin to boot the laptop up the damn bluescreen pops up and i still cant go to windows update websites plus sometimes I get redirected. Wat if i dont have a Windows 7 CD? I have windows 7 Enterprise on it. I have Avast! so ill try the scan before it boots option, if i can find it. I changed the proxy settings ty but it still doesnt let me go to windows update site and redirects me to a site i do not want to go. WHS wat do u mean by scan it on-line. Then reinstall.
Thnx again for the info all of u. Ill keep on fighting this even though its frustrating. So where do viruses hide? DLL. where do i find that? Ill google it.

Pre-boot scan INITIATED!

Didn't scan.......trying again.....

 

[Tews]

Friend, where are you going on the interwebz that you are picking up all of these viruses?? Where did you get your copy of Windows from??

 

[whs]

For the areas of the internet that you are visiting, I suggest you run your browser in Sandboxie. That isolates the browser from the system and any possible infection will automatically disappear with the end of the session.

 

[Tews]

IMO, the only and quickest way to resolve your issue is going to be a format/reinstall of the OS... You seem to have had no success with the suggested methods of cleaning your computer so far. Good luck..

 

[heaumanepunk]

Well to be honest, I do download a lot of stuff. The Avast preboot scan is running now .
I tis my fault and I know I always risk it, even though sometimes the PC at home gets infected when I dont download alot of things so either way it'll get infected, and I knowit'll get infected faster by downloading things. I visit blogs mostly, and sites I shouldn't. So i'll stop that. lol. I know I risk it when going to those sites so thats whyi'm not giving up because i knew it would happen sooner or later. I guess i though Windows 7 was like MAC, it didnt get viruses lol.

pre boot found mirc-z PUP in the MIRC folder, and i deleted it , is it a virus?

It was already installed on the lappy. so i dont have the CD
can i make one?
I was reading somewhere that u can make a windows 7 CD using windows.