Virus won't let me do anything to try to fix it.

andylynne215September 1, 2008

Hi...I got zapped tonight. My firewall popped up with a warning and stupidly I allowed the action. I first noticed that I couldn't upload pictures to photobucket or Flickr. Google isn't working...opens new windows. The only way I can get to a site is if I have the proper address,unless it happens to be a site like avg.com (for example).

I ran an AVG scan and nothing showed up, however any attempts I make to do scans, download any new antivirus software, or fix it in any way are shut down. I ran a Hijack this scan and I can't even copy the log.

Has anyone heard of anything like this ? Is there anything I can do that I haven't thought of ? I have a feeling this is a job for the experts.

Thanks

Thank you for reporting this comment. Undo
bpgreen

The first step would be to boot in safe mode and run a full scan.

You could also try using Trend Micro's free online scanner.

    Bookmark   September 1, 2008 at 1:09AM
Thank you for reporting this comment. Undo
andylynne215

I have AVG on my computer and it was updated this morning...so I'll do the scan in safe mode, however I get a 'fail to connect' message when I try to go to any antivirus sites, even the link you provided. I thought maybe I could outsmart it and downloaded Avast from downloads.com. I was able to download it, but when I tried to run the set up I get a self extract error.

Thanks, Andrea

    Bookmark   September 1, 2008 at 2:07AM
Thank you for reporting this comment. Undo
bpgreen

Try rebooting in safe mode and running the AV software, then try rebooting in safe mode with network support and running the trend micro scan. If you're being blocked from AV sites, you're probably infected. It could be that this virus is newer than the latest definition files you have for AVG, in which case, it won't fix the problem in safe mode (but safe mode with network support might work).

    Bookmark   September 1, 2008 at 2:18AM
Thank you for reporting this comment. Undo
ravencajun Zone 8b TX

that sounds like it could be one of the bad ones possibly vundo, let me suggest you go here and post in this area, ask Corrine for help tell her I sent you, she will assist you with this using some special programs. Be sure to say in your post that you are unable to get a hijack this log or run AV programs including online scans.
HijackThis Logs

    Bookmark   September 1, 2008 at 3:32AM
Thank you for reporting this comment. Undo
andylynne215

I'll do that Raven, thank you so much. I'll let you know how it goes.

Andrea

    Bookmark   September 1, 2008 at 11:28AM
Thank you for reporting this comment. Undo
ravencajun Zone 8b TX

wow Andrea I knew it was a bad one, even worse than I thought, but you are doing very well following the directions. The team will get you fixed up. The tdssserv rootkit is one really nasty infection.
But rest assured you are in the hands of the very best teams on the internet, it takes time and many are in different time zones so keep that in mind.

You will be good to go soon! Good work so far! I am proud of your effort!

    Bookmark   September 1, 2008 at 7:36PM
Thank you for reporting this comment. Undo
andylynne215

Well Raven, I just got a CLEAN BILL OF HEALTH !!!!!!!!!

Corinne and the team really know their stuff...I was just doing my best to do as I was told. LOL My head didn't even explode...although it WAS close a time or two, and no one was allowed to talk to me for 2 days.

I really can't thank you guys enough...I've bookmarked that forum and plan to visit the lounge to associate some words.

Thanks again and again,
Andrea

    Bookmark   September 2, 2008 at 10:04PM
Thank you for reporting this comment. Undo
bpgreen

Thanks for letting us know you were able to get it fixed and also for letting us know that it was the visit to the site suggested that got you fixed.

    Bookmark   September 3, 2008 at 1:47AM
Thank you for reporting this comment. Undo
ravencajun Zone 8b TX

You are very welcome Andrea, yes it is one of the best on the web for getting the top notch pros to work with you, it can get intimidating when having to go through so many logs and programs but when you get to the right place and the right team it makes all the difference in the world.
Please do come on back and visit us sometime, we do play too not just work LOL

You really surprised us when we saw the logs and realized it was a rootkit, there was some serious scrambling behind the scenes LOL

Take care and definitely do run those programs that were given on a weekly basis for a while.

were you able to get rid of all the toolbars or do you need help to do that using HJT? If you find you do just go on back and start a new post for that.

    Bookmark   September 3, 2008 at 2:27AM
Thank you for reporting this comment. Undo
sapphires

Hi,
Just curious in cas I ever did to do this, how does one do a Hijack This Log file? Thank you. Oh, I have XP Home Ed..
Sapphires

    Bookmark   September 3, 2008 at 10:57AM
Thank you for reporting this comment. Undo
ravencajun Zone 8b TX

sapphires when you are sent to one of the pro help forums they all have very specific directions and instructions for you on how to install and set up and post hijackthis logs. But this is a program that is not for casual personal use it must be used by the pros who read the logs, they have special training to do that. So you really don't want to worry with that till you really have to. It is one of many of the diagnostics programs that they will tell you to run to be able to see what is on your pc and what should not be on your pc.
For example on the link I provided to Andrea at the top of that area are posted sticky threads that must be followed on how to do a submission and how to do logs etc.

    Bookmark   September 3, 2008 at 1:32PM
Thank you for reporting this comment. Undo
sapphires

Thanks ravencajun, I was just curious and hopefully will never need that.

Sapphires

    Bookmark   September 3, 2008 at 3:45PM
Thank you for reporting this comment. Undo
tumblenweed

RC, How do you feel about free software to detect rootkits? For example Root Repeal.

Nice site glad you shared it.

Here is a link that might be useful: Root Repeal

    Bookmark   September 3, 2008 at 9:15PM
Thank you for reporting this comment. Undo
ravencajun Zone 8b TX

have not used it. In general we use
GMER
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer

will take a look at it though.

Combofix it one of the most impressive tools around, the folks that created mbam and combofix are awesome.

    Bookmark   September 4, 2008 at 1:47AM
Thank you for reporting this comment. Undo
ravencajun Zone 8b TX

tumblenweed we are reviewing that product
Rootrepeal ARK tool Version 1.1.0 on one of the forums I am on per request of it's author, so should have some info on it soon. It does look good so far.

    Bookmark   September 4, 2008 at 2:15PM
Thank you for reporting this comment. Undo
tumblenweed

Ok.

Thought I'd share this thread with you from the DSLReports forum.

Here is a link that might be useful: DSLReports

    Bookmark   September 4, 2008 at 6:00PM
Thank you for reporting this comment. Undo
ravencajun Zone 8b TX

thanks Yep I had seen that thread too, it is pretty young in dev so a lot of the pro teams are doing some intense eval on it and submitting the info to AD. I had seen it caused some crashes and a few false positives but I think once it is a bit more mature and not in beta it will be a good tool. One to keep a watch on.

    Bookmark   September 4, 2008 at 6:21PM
Thank you for reporting this comment. Undo
tumblenweed

GOOD to know. Thanks for your time.

    Bookmark   September 4, 2008 at 7:11PM
Thank you for reporting this comment. Undo
aintnosunshine

my computer will not allow me to access any programs or files. some message keeps popping up telling me i need to download this to get rid of the virus and spyware, and when i press ctrl+alt+del, some message pops up telling me some crazy crap, like this person is a internet terrorist
please help!!

    Bookmark   July 13, 2009 at 1:27PM
Thank you for reporting this comment. Undo
owbist

Aintnosunshine the first thing you should do is start a new thread rather than find a 6 month old one as this only causes confusion.

When you start the new thread please include the computer make and model, all names of firewall, anti virus and anti malware programs you are running and when they were last updated and a full test ran.

"Some message pops up" up is useless, write the message down and post that too, it might be the biggest help of all. Help can only be as good as the input provided by the person needing the help. Help us to help you.

    Bookmark   July 13, 2009 at 1:59PM
Thank you for reporting this comment. Undo
ravencajun Zone 8b TX

please follow the link I provided above to the forum that will help you with that infection, that is one you will need assistance with. It is always best to create your own new post. Go to LzD and register and start a thread there telling them exactly what is happening, the team will assist you.

    Bookmark   July 13, 2009 at 3:38PM
Thank you for reporting this comment. Undo
Livexboxlivexbox_aol_com

I have the same virus can anyone help me like you helped the other guy I am only 13 and my mom doesn't know I have a virus... I really really need help, I do have school and I would really appreciate it if any could help me oh ya I can't open anything and I don't get internet connection when in safe mode.

    Bookmark   April 26, 2011 at 9:56PM
Thank you for reporting this comment. Undo
bradyb64_yahoo_com

Can anyone help?

    Bookmark   May 18, 2011 at 9:38AM
Sign Up to comment
More Discussions
clicking to open a link doesn't work
Recently I had my computer serviced, now when trying...
cornsnake_lover
error message
All of o sudden when I started up my machine this PM...
Christopher Nelson Wallcovering and Painting
free downloader for youtube videos to use in powerpoint?
I used to be able to download videos for use in my...
jean001a
A free pdf to jpg program that works well?
I want to tear some pdf's apart, and wondering if someone...
shaddy101
Super-AntiSpyware - where do I go to get it?
Super-antispyware - that IS the GOOD one, isn't it?...
Janey - formerly jane2
Sponsored Products
Garden Dream Chair
$249.99 | Dot & Bo
White Marble Bathroom vessel sink + faucet hole - PEGASUS WHITE
Living'ROC
Eliot Leather Corner Chair - Brighton Volcano Brown
Joybird Furniture
Tower S LED Indoor/Outdoor Lamp by Smart & Green
$189.00 | Lumens
Furniture of America Huntley Bonded Leather Chair - Dark Brown - IDF-6021-BWN-CH
$654.92 | Hayneedle
Bounce Giclee Shade 10x10x12 (Spider)
$69.99 | Lamps Plus
Modern Indoor/Outdoor Area Rug: Chandra Rugs Gems Grey/Blue 5 ft. x 7 ft. 6 in.
Home Depot
Christopher Knight Home Haitian Cast Aluminum Outdoor Dining Set (Set of 7)
Overstock.com
People viewed this after searching for:
© 2015 Houzz Inc. Houzz® The new way to design your home™