Question:

Virus PLEASE Help?

by  |  earlier

0 LIKES UnLike

http://i83.photobucket.com/albums/j320/RALPHIE_LEO/Virus.jpg

My computer has a virus, and its really s******g my computer up, it makes my clock say VIRUS ALERT! my Run and My Computer in the start menu are gone, and when i browse the internet any link i click takes me to porno websites, also it executes almost every virus removal program e.g. Spybot SD Smitfraud.exe and Rogue Fix, others such as an older version of Smitfraud, Windows One Care, and Ad-Aware worked but they wont get rid of it. Please help, Thank you

 Tags:

   Report
Answer The Question I've Same Question Too

4 ANSWERS

Sort By: Date  |  Rating

  1. VIRUS/TROJAN REMOVAL

    1st thing would be to close/turn off System Restore where critters hide out till you  Restore  the virus.

    start,all programs,system tools,system restore

    settings,turn off system restore.this deletes all prior restore points and deletes anything hiding there.

    start--all programs--accessories--system tools--system restore

    settings--drive (c)--setting

    check the OFF box to clear all previous restore points

    REMEMBER TO RETURN AND:

    A] TURN SYSTEM RESTORE BACK ON

    B] CREATE A NEW,CLEAN RESTORE POINT

    next,download and install use Avast anti virus,run it  and remove virus that way

    Free antivirus - avast ! 4 Home Edition Download -

    http://www.avast.com/eng/download-avast-...

    open internet options from control panel and delete:

    cookies

    temp files

    history

    there are TWO Temp file folders,1 that you empty from internet options,but there is a SECOND Temp file folder buried in the Windows folder

    start--my computer--windows--temp

    click view--click select all--

    press delect key on keyboard

    delete files from prefetch folder:

    start,my computer,disk drive (c),windows,prefetch

    click view

    click select all

    delete

    LAST option would be to re install windows

    using the steps below,have protected my computer for too many years than I care to tell you [ rofl ]

    MY SECURITY

    Windows Defender

    Windows Firewall

    Avast anti virus

    http://www.avast.com/eng/download-avast-...

    Spyware Blaster anti spyware

    http://www.javacoolsoftware.com/sbdownlo...

    Spybot anti spyware

    http://www.safer-networking.org/en/downl...

    Firefox 3.0.1 web browser

    http://www.getfirefox.com

    Firefox Security Extentions:

    Dr Web link checker

    This plugin allows you to check any file you are about to download, any page you are about to visit with online version of Dr.Web anti-virus!

    New menu item "Scan with Dr.Web" will appear on hyperlink context menu.

    https://addons.mozilla.org/en-US/firefox...

    Finjan multi blocker

    Finjan SecureBrowsing alerts you when any malicious content in a webpage

    that proactively alerts when you encounter a potential malicious content hiding behind links of search results, ads and other selected web pages.

    is a free service that proactively alerts you to potential malicious content hiding behind links of search results, ads and other selected web pages. Finjan SecureBrowsing accesses each of the URLs in its current form on the web, and scans the relevant pages in real time using Finjan's patented behavior-based technology. Finjan SecureBrowsing then displays a safety rating next to each link it has scanned.

    is a security extension for your browser that scans and classifies web addresses to provide you with safety rating of URLs before you visit them. Proactively alerting you to potentially malicious web addresses in links of search results, ads and other selected web pages, SecureBrowsing protects you from webpages that could be used to compromise your privacy and identity.

    in searches [ google,yahoo,ect ] there will be green [ safe ],yellow [ caution ] and RED [ DANGER ] icons on each link

    PAY ATTENTION HERE TO THOSE RED [ DANGER ] ICONS !

    https://addons.mozilla.org/en-US/firefox...

    Blocksite website Blocker

        *  Privacy & Security

    BlockSite is an extension, which automagically blocks websites

    of your choice. Additionally, this extension will disable all

    hyperlinks to these websites, by just displaying the link text

    without the clicking functionality.

    This extension should by no means be used for parental control

    or access control purposes, just because it isn't secure and

    can easily be disabled or even removed.

    https://addons.mozilla.org/en-US/firefox...

    Remove It Permanently

    \Permanently hide content from web pages using the Context Menu.

    Simply, click and "Remove it Permanently".

    Now includes previewing of items before removal

    I have found that MOST of my security problems were coming from sites like Washington Times,Salon,USA Today,ect.

    they all have [ drive by ] flash ads that leave a pop UNDER when you leave the site.

    R.I.P. when R.I.P. option remove from this domaim is used,those flash ads no longer are loaded.

    you get a bar at the top of the page saying parts of the website were not loaded.

    just click away and not worry about those flash tracking cookies anymore

    https://addons.mozilla.org/en-US/firefox...

    Suggested Internet Options Security Settings:

    control panel

    internet options:

    Advanced tab:

    all unsafe/unsigned ActiveX disabled

    unsafe authenticode disabled

    Scriptlets disabled

    File Prompting disabled

    Access Across Domains disabled

    Scripting Internet Explorer disabled

    No Addressbar or status bar disabled

    Launch Unsafe Applications/Files disable

    Software Permissions high safety

    Allow Statusbar update By Script disabled

    Allow Websites Prompt for Info Using Scripts disabled

    Privacy Tab:

    advanced

    override

    allow 1st party cookies

    3rd party [ spy/malware/tracking ] cookies BLOCKED

    Firefox Options Security

    Content:

    check block pop ups

    should pop ups get through [ and they will ],get the url and enter that in the load images section and choose block

    Privacy:

    Cookies:

    put that same url into accept cookies and choose block

    ZEDO POP UP TRACKING COOKIES

    What are Powered by Zedo and URL.CPVFEED.COM Popups?

    I consider myself a pretty good spyware removal expert, but I ALMOST was stumped the other day when a customer's computer was infected with these strange "Powered by Zedo" ad popups. They would popup in the middle of the screen without warning usually when I was trying to search Google or another search engine. Then they would take my search term and put it in the popup ad showing Ebay or a few other sites.

    The javascript that was producing the popups had several ad networks that it was using including

    http://c1.zedo.com

    http://c5.zedo.com

    http://d13.zedo.com

    http://xads.zedo.com

    http://upspiral.com

    http://searchlocal.ws

    http://aavalue.com

    http://url.cpvfeed.com

    http://zedo.biz

    http://zedo.com

    http://www.zedo.com

    http://www.zedo.biz

    How to Remove Core.sys

    Follow the instructions below to remove core.sys and core.cache.dsk and rid your computer of the "Powered by Zedo" and other ads.

    1) Boot into Safe Mode

    2) Click on Start, Search, and choose All Files and Folders

    3) In the all or part of file name box, type the following

    core.sys

    4) In the Look In box, choose local hard drives and click Search

    5) When core.sys is found in the c:\windows\system32\drivers directory, right-click on it and choose Delete

    6) Repeat steps 2-5 for the file core.cache.dsk

    7) Close the Search box

    8) Click on Start, Run and type REGEDIT and press Enter

    9) Click on the Plus sign (+) next to HKEY_LOCAL_MACHINE

    10) Click the plus next to SYSTEM

    11) Click the plus next to CurrentControlSet

    12) Click the plus next to Services

    13) Find the folder called CORE and right-click on it and choose Delete

    *** WARNING *** If the folder CORE does not exist, dont do anything

    14) Close the Registry Editor by clicking on the X in the right-hand corner of the window

    15) Reboot your computer in Normal mode

    16) Once the computer is rebooted, open your web browser and go to Kaspersky Online Scanner by clicking on the link below.

    http://www.kaspersky.com/virusscanner

    17) Scan your computer and delete any other files flagged as problems.

    Your computer should now be free of these vicious popups.

    BLOCKING ZEDO

    FIREFOX:

    tools

    options

    content

    load images automatically

    exceptions

    enter the above addresses

    choose block

    PRIVACY:

    COOKIES

    EXCEPTIONS:

    enter addresses above

    select block

    click show cookies and delete same and any cookie that begings with ad.

    BLOCKSITE EXTENSION:

    HIGHLY reccomend you add this extension and enter the above sites to be blocked

    adds another level of security to your computer

    I.E.:

    tools

    options

    content

    content advisor

    enable

    approved sites

    enter addresses and choose NEVER

    XP:

    start

    all programs

    administrative tools

    services

    all services are listed in alphabetical order

    find,right click:

    Alerter

    Messenger [ NOT related to instant messeger or MSN messenger ]

    select properties

    from drop down menu,select disable

    Vista:

    MS woke up and covered this gaping back door invasion.


  2. TRY AVAST ALOT OF TROJANS AREN'T PROGRAMMED FOR THIS ONE CAUSE ALOT OF PEOPLE DON'T KNOW IT EXIST!

  3. you need to reboot with your windows xp disc or whatever you've got. I know it happened to me on the weekend! same thing!you'll have to re-load all software and windows updates and anti-virus protection programs. sorry thats normally the bottom line.there is a antiviris win2008 watch this pop up it has the trojan virus in it and spy-ware program. beware!

  4. This is a Zlob infection. This is quite an infamous Trojan which Smitfraud and Windows Defender should catch so i do't know why they are not removing it.

    http://miekiemoes.blogspot.com/2008/05/v...

    That guide will help you alot!

    Download a new version of smitfraud fix

    http://www.bleepingcomputer.com/forums/t...
You're reading: Virus PLEASE Help?

Question Stats

Latest activity: earlier.
This question has 4 answers.

BECOME A GUIDE

Share your knowledge and help people by answering questions.
Register Now