Thread: I got a virus. Anybody know how to remove this? (it's a tough one) +rep

  1. #1
    Narkotiq

    Infected files:
    80000032.@, 80000064.@ and 00000008.@; there's also one that's just all zeros.

    2 of them show up: Win32NSChanger-VJ[Trj]
    And 2 as a Malware installer.

    I've been googling all day and I keep reading how bad this virus is, but I just can't seem to get rid of it.

    No anti-virus will get rid of it. Just says access denied.


    If anybody has had this and knows how to fix it I will +rep the hell out of you for helping me.

  2. #2
    Xanice
    If your anti-viruses can detect it, then try re-running your computer in safe mode with network disabled. The reason why the virus cannot be deleted is because it starts up hidden as a core process when your computer starts up. (You cannot delete files which are running actively on your computer for obvious reasons.)

    If you open your computer in safe mode, only the CORE PREDEFINED PROCESSES SET BY WINDOWS (dunno why I caps'd) will start up. Afterwards, run your antivirus and it should get rid of the trojans. Most trojan types create a new file which creates a backdoor to your computer, rather than infecting an actual Windows startup file, and even if it does, without an internet connection, the trojan host cannot send commands rejecting deletion.

    Best of luck, if you need to know how to start in safe mode just ask.


    Cause someday I'll be OVER 9,000... Rep!


  3. The Following User Says Thank You to Xanice For This Useful Post:

    paox3 (07-07-2012)

  4. #3
    paox3
    Do you have any other software for viruses? Like AVG or something else. You could try using those.

    If all else fails, and you don't mind losing data, I'd say just reformat everything.

  5. #4
    Narkotiq
    Way too much important stuff to reformat. I ran a program called Hitman Pro and it seems to have taken care of it... at least I hope so. I'm not getting alerts every 5 mins now. We'll see how it goes.

  6. #5
    Xanice
    Quote, originally posted by Narkotiq:
    "Way too much important stuff to reformat. I ran a program called Hitman Pro and it seems to have taken care of it... at least I hope so. I'm not getting alerts every 5 mins now. We'll see how it goes."

    Don't know if you missed my post. Everything I wrote is more or less foolproof without reformatting. If you do not run in safe mode, I can guarantee any half-decent trojan will simply reinstall itself after deleting it since there's a rootkit most likely.




  7. The Following User Says Thank You to Xanice For This Useful Post:

    Zachafer (07-07-2012)

  8. #6
    Ryan~
    This is that virus Emily was talking about.

    Go here: (you need an account to see links)

    Is it red or green?

  9. #7
    Narkotiq
    Quote, originally posted by Ryan~:
    "This is that virus Emily was talking about.

    Go here: (you need an account to see links)

    Is it red or green?"

    Actually I went there earlier today and it was green. I didn't have the problem until I went there though. Like 10 mins later all these alerts and stuff started popping up.


    Edit: Still Green

  10. #8
    Ryan~
    Well, that's a government site, so I doubt you'd get it from there.

  11. #9

    I have an easy way for you to destroy viruses that your antivirus can't seem to kill.
    Forgive my spelling and grammar.

    Tools you will need: A 2+ GB USB drive. Yumi Multi-boot. Ethernet plugin.

    1) Place the USB drive in the computer.
    2) Turn on Yumi (OK administrator mode).
    3) Choose your USB drive.
    4) Choose Bitdefender antivirus from the scrolling menu. Then click the option to download the ISO.
    5) Click Create! This will reformat the USB. After it's done creating, you now have a live USB of Bitdefender.

    Now to use it.
    1) Plug in your Ethernet.
    2) Restart the computer and boot into the USB. You can either do this through the BIOS or through the boot menu, depending on the computer and its age. I use my Esc or F12 key and it pulls up a boot menu. I choose the USB. If you go through the BIOS (normally Del), choose the boot priority and make the USB on top.

    When the USB boots, choose the anti-virus and then boot into Bitdefender. Make sure your computer is plugged into the internet to make this faster or you will have to cancel the first scan and sign into your wifi. So, if it's Ethernet plugged in, it will update and scan as soon as it turns on.

    The program will update and then virus scan if it has internet access.

    Now what makes this a better approach than starting in safe mode? This method is very intense on the computer. It is booting from the USB. This means everything is placed onto the USB. The OS is a Linux-based OS, thus the Windows virus cannot affect it. This method is like sending in the army to break up a bar fight. It will stop every virus that is on the computer and things that Windows has allowed to infest directly. Last time I scanned a computer with AVAST on it with this process, I found over 30 viruses.

    Now after the virus scan is done:
    1) Shutdown.
    2) Remove USB drive.
    3) Restart the computer. It might prompt you to "fix" Windows. Windows is not broken. You booted into a different OS, thus Windows is confused and thus wants to fix anything the other OS did. That means it will try to restore the system, which isn't a good thing. So, don't let it "fix" Windows.
    4) If you don't have a PC cleaner of some type, I would suggest Glary Utilities. This is a freeware program that helps repair the basics of Windows.
    5) After installing, click Scan for issues. Then Fix issues.
    6) Go to Modules > Windows Standard Tools > Disk Defragmenter. (The reason for this is because this virus leaves holes in your file indexing.)
    7) After defragging your computer, close all programs except Glary. Then Modules > Optimize > Registry Defrag. (This will organize your registry, which will make it easier for your computer to find stuff and help your antivirus determine if something doesn't belong.)
    8) After defragging is over with, restart your computer and have fun with your faster, stronger, and happier computer.

    If you have any questions feel free to PM me.
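
Added example, not written by anyone in this thread: with the Windows partition mounted read-only from a Linux environment like the one post #9 boots into, this Python 3 script lists files shaped like the names in the first post and records their size and SHA-256 before anything is deleted. The assumption that the all-zeros file follows the same eight-hex-digits-plus-".@" shape, and the sample tree, are constructed for illustration; a match is a lead for triage, not proof of infection.

```python
import hashlib
import os
import re
import tempfile

# Name shape taken from the first post: eight hex digits followed by ".@"
# (80000032.@, 80000064.@, 00000008.@). Assumption: the "all zeros" file
# mentioned there has the same shape.
SUSPECT_NAME = re.compile(r"^[0-9A-Fa-f]{8}\.@$")


def sha256_of(path, chunk=1 << 20):
    """Hash a file in chunks; return None if it cannot be read."""
    digest = hashlib.sha256()
    try:
        with open(path, "rb") as fh:
            for block in iter(lambda: fh.read(chunk), b""):
                digest.update(block)
    except OSError:
        return None  # unreadable file, e.g. an "access denied" error
    return digest.hexdigest()


def find_suspects(root):
    """Return sorted (relative path, size, sha256) for matching file names."""
    hits = []
    # os.walk skips directories it cannot list instead of raising.
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not SUSPECT_NAME.match(name):
                continue
            full = os.path.join(dirpath, name)
            try:
                size = os.path.getsize(full)
            except OSError:
                size = None
            hits.append((os.path.relpath(full, root), size, sha256_of(full)))
    return sorted(hits)


def demo():
    """Scan a constructed directory tree standing in for a mounted volume."""
    with tempfile.TemporaryDirectory() as root:
        sub = os.path.join(root, "Windows", "example_dir")  # constructed path
        os.makedirs(sub)
        for name in ("80000032.@", "00000000.@", "notes.txt", "8000003G.@"):
            with open(os.path.join(sub, name), "wb") as fh:
                fh.write(b"constructed sample\n")
        return find_suspects(root)


if __name__ == "__main__":
    for rel, size, digest in demo():
        print(rel, size, digest)
```

To scan a real volume, call `find_suspects()` with the mount point of the Windows partition and keep the output alongside the antivirus scan log.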
