Valuater Posted May 26, 2008 Posted May 26, 2008 (edited) I have a friend who has a virus on his computer. I went into safe mode and ran Microsoft defender and AVG Virus scan ( in safe mode avg can only use the cmd window) however the viruses were found, and I thought they were eliminated. To my suprise, they were still there. It said that I could not remove the files because I was not Admin. So I go into safe mode again, log in as Admin ( you can only do this in safe mode AFAIK) and ran the protection. Super suprised it was blocked again. So any ideas on...????? online virii scanner .... regread?, other ways to check or ???? Thanks Valuater 8) Edited May 26, 2008 by Valuater
Richard Robertson Posted May 26, 2008 Posted May 26, 2008 With all due reason, do not use system restore. My friend system restored her computer the other day, thinking it would help. She found out the hard way. I'm afraid I cannot offer any advice other than that.
monoceres Posted May 26, 2008 Posted May 26, 2008 What is the name of the virus? Broken link? PM me and I'll send you the file!
rayzer Posted May 26, 2008 Posted May 26, 2008 (edited) Many viruses are contained within the restore folder so avoid that as an option. Most AV's/spyware programs are only as good as their database and you may need a special fix. Posting a Hijackthis logfile for knowledgable folk to examine will cure your problem. Edited May 26, 2008 by rayzer
sandin Posted May 26, 2008 Posted May 26, 2008 whenever I get this kind of problem (getting a virus which is unremovable with antivirus), I use SmitFraudFix: http://siri.geekstogo.com/SmitfraudFix.php. But it's not supported on Vista systems (... -.-) Some cool glass and image menu | WinLIRC remote controler | Happy Holidays to all... | Bounce the sun, a game in which you must save the sun from falling by bouncing it back into the sky | Hook Leadtek WinFast TV Card Remote Control Msges | GDI+ sliding toolbar | MIDI Keyboard (early alpha stage, with lots of bugs to fix) | Alt+Tab replacement | CPU Benchmark with pretty GUI | Ini Editor - Edit/Create your ini files with great ease | Window Manager (take total control of your windows) Pretty GUI! | Pop-Up window from a button | Box slider for toolbar | Display sound volume on desktop | Switch hotkeys with mouse scroll
rayzer Posted May 26, 2008 Posted May 26, 2008 whenever I get this kind of problem (getting a virus which is unremovable with antivirus), I use SmitFraudFix: http://siri.geekstogo.com/SmitfraudFix.php. But it's not supported on Vista systems (... -.-)Thats a specific fix for a specific problem.
Valuater Posted May 26, 2008 Author Posted May 26, 2008 (edited) What is the name of the virus?@monoceresNot sure exactly, however I noted spool.exe, cfmon.exe ( or close to that) there were a few others to like a trogan dll, I am not at his house now...thx@sandintaking a look right now...thx...NOTE after a quick look, SpySheriff was in there too8) Edited May 26, 2008 by Valuater
sandin Posted May 26, 2008 Posted May 26, 2008 heh, well it sounds familiar "blocking admin's rights", like taskmanager, msconfig, etc... and it's a special malicious progy remover, so... it's my recomendation to give it a try with SmitFraudFix :) Some cool glass and image menu | WinLIRC remote controler | Happy Holidays to all... | Bounce the sun, a game in which you must save the sun from falling by bouncing it back into the sky | Hook Leadtek WinFast TV Card Remote Control Msges | GDI+ sliding toolbar | MIDI Keyboard (early alpha stage, with lots of bugs to fix) | Alt+Tab replacement | CPU Benchmark with pretty GUI | Ini Editor - Edit/Create your ini files with great ease | Window Manager (take total control of your windows) Pretty GUI! | Pop-Up window from a button | Box slider for toolbar | Display sound volume on desktop | Switch hotkeys with mouse scroll
monoceres Posted May 26, 2008 Posted May 26, 2008 Maybe:http://www.symantec.com/security_response/...-99&tabid=1The only thing that came up when I searched spool.exe on symantec. Broken link? PM me and I'll send you the file!
rayzer Posted May 26, 2008 Posted May 26, 2008 heh, well it sounds familiar "blocking admin's rights", like taskmanager, msconfig, etc... and it's a special malicious progy remover, so... it's my recomendation to give it a try with SmitFraudFix :)Giving someone advice using a special fix could do more harm than good, I'm only trying to advise. What I mean is, if you post a hijackthis logfile, you will be in a better position to have your PC fixed properly as you may leave dangerous files behind.
Jos07 Posted May 26, 2008 Posted May 26, 2008 you should post log on http://www.bullguard.com/forum.aspxthey will surely help you! Always Keep Your Sig Small... Like me :D
Briegel Posted May 26, 2008 Posted May 26, 2008 I have a friend who has a virus on his computer. I went into safe mode and ran Microsoft defender and AVG Virus scan ( in safe mode avg can only use the cmd window) however the viruses were found, and I thought they were eliminated.To my suprise, they were still there. It said that I could not remove the files because I was not Admin. So I go into safe mode again, log in as Admin ( you can only do this in safe mode AFAIK) and ran the protection.Super suprised it was blocked again. So any ideas on...????? online virii scanner .... regread?, other ways to check or ???? ThanksValuater8)I would remove HD from your friend's pc and connect it to your pc (usb/pata/sata). Nothing should be blocked, i think.A great free scan engine you can find here from AVIRA.
walle Posted May 26, 2008 Posted May 26, 2008 Well... I would do following [Pullet proof concept] 1. Download Hijackthis 2.02 and post the result www.hijackthis.de, You will get the result instantly [shows bad processes, service etc] 2. Skip the crap Avg etc and download Kaspersky 7. www.kaspersky.com [Will eliminate all threats] 3. Update Windows! 4. Clean up startup and services. 5. Something you need to run a registry checker, especially if you run win 2k, 2 of 10 computer has corrupt update reg etc after a virus/trojan attack. Good luck!
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now