Virus on WIN7

  • (2 Pages)
  • +
  • 1
  • 2

21 Replies - 2830 Views - Last Post: 19 April 2012 - 09:08 AM

#1 lilVaratep  Icon User is offline

  • D.I.C Head
  • member icon

Reputation: 28
  • View blog
  • Posts: 246
  • Joined: 09-October 11

Virus on WIN7

Posted 13 December 2011 - 09:45 AM

Hey, so for the past week or so, my win7 64bit ultimate has been acting up.I first noticed it whenever I googled and clicked on a link, it would send me somewhere else, rather then the desired search result. I would also keep getting pop ups from blinkx.com mostly when I'm browsing the internet. Now, I have a fake anti-virus called WIN7 Total Security 2012 or something like that. I can't even use firefox, chrome or internet explorer anymore. The anti-virus just keeps popping up whenever I try to use a browser. I'm currently dual-booted on Ubuntu 11.10. Is there any way to get rid of this virus? I've checked the control panel for installed programs and the only one I don't know what it is, is GuardMailRu, and GuardMailRu on my processes list. I currently have BitDefender and Spybot S&D. I virus scanned and searched and fixed, it said it got rid of some stuff, but this is still going on. Is there a way I can save Win7 without having to format?
Thanks in advance.

Is This A Good Question/Topic? 0
  • +

Replies To: Virus on WIN7

#2 modi123_1  Icon User is offline

  • Suitor #2
  • member icon



Reputation: 9579
  • View blog
  • Posts: 36,298
  • Joined: 12-June 08

Re: Virus on WIN7

Posted 13 December 2011 - 10:02 AM

Yeah.. this is sounds like a new version of a piece of malware that cropped up November 6th or so. If you have the exact name of the fake spyware thing that comes up it would help.. but essentially you boot in safe mode, install malwarebytes, update it, and let the sucker run on a full scan for as long as it takes. That should clear it up. Oh and probably run a few root killers as well.

Example of one:
http://www.bleepingc...t-security-2012
Was This Post Helpful? 0
  • +
  • -

#3 SixOfEleven  Icon User is offline

  • using Caffeine;
  • member icon

Reputation: 945
  • View blog
  • Posts: 6,342
  • Joined: 18-October 08

Re: Virus on WIN7

Posted 13 December 2011 - 10:02 AM

It definitely sounds like you've got a nasty virus. A free tool that I'd suggest trying is from http://combofix.org for removal of malware. If it can't remove a virus the report it generates will give you the name of any threat it couldn't remove and you can research that. You could also try Malwarebytes as a removal tool.

It is unfortunate but sometimes you'll just bang your head against the wall over and over again trying to remove a virus and get no where. The time and energy spent trying to remove it may have been better served starting over fresh. That is always a tough call to make but in the end may be what you need to do.
Was This Post Helpful? 0
  • +
  • -

#4 lilVaratep  Icon User is offline

  • D.I.C Head
  • member icon

Reputation: 28
  • View blog
  • Posts: 246
  • Joined: 09-October 11

Re: Virus on WIN7

Posted 13 December 2011 - 10:05 AM

View Postmodi123_1, on 13 December 2011 - 09:02 AM, said:

Yeah.. this is sounds like a new version of a piece of malware that cropped up November 6th or so. If you have the exact name of the fake spyware thing that comes up it would help.. but essentially you boot in safe mode, install malwarebytes, update it, and let the sucker run on a full scan for as long as it takes. That should clear it up. Oh and probably run a few root killers as well.

Example of one:
http://www.bleepingc...t-security-2012

That's the exact name. Win 7 Internet Security 2012. The virus still runs in my safe-mode. I have now noted that it is called ayw.exe in the processes list. I end the process, it goes away and comes back in a few minutes. I am now doing a search in safe-mode with s&d with my "wifi" button to off. It has already found "internet security fraud". I'm going to let it scan the whole system, fix, and I'll let you guys know what happened.
Was This Post Helpful? 0
  • +
  • -

#5 modi123_1  Icon User is offline

  • Suitor #2
  • member icon



Reputation: 9579
  • View blog
  • Posts: 36,298
  • Joined: 12-June 08

Re: Virus on WIN7

Posted 13 December 2011 - 10:07 AM

Yeah.. follow the steps.

step 3 - a registry fix.
step 4 - a process killer to make it stop
step 5 - malwarebytes..
Was This Post Helpful? 0
  • +
  • -

#6 SixOfEleven  Icon User is offline

  • using Caffeine;
  • member icon

Reputation: 945
  • View blog
  • Posts: 6,342
  • Joined: 18-October 08

Re: Virus on WIN7

Posted 13 December 2011 - 10:15 AM

Don't forget to try ComboFix. It's pretty good at removal. Again, run it in safe mode.
Was This Post Helpful? 0
  • +
  • -

#7 sykoticm  Icon User is offline

  • New D.I.C Head

Reputation: 2
  • View blog
  • Posts: 28
  • Joined: 07-October 11

Re: Virus on WIN7

Posted 13 December 2011 - 10:18 AM

Hello, Well first you can try what the other posters are posting, using Malwarebytes. Malwarebytes tends to help the most when speaking about software in my experience.

I am also fairly certain that just installing and running the full scan of Malwarebytes will not get rid of this infection. What I personally recommend is getting an external hard disk or some other form of storage device and reformat your hard disk and re-install windows.

What you will need for this process is Your original disks that come with the computer you bought specifically... the operating system disk and the drivers disks, also remember to download the latest drivers from the manufactures website for the best performance. There are several guides on the internet on how to do this.

If you feel uncomfortable doing this you can always take your computer into the nearest computer repair shop and have them do it for you usually costs anywhere from $50-$500 in my area.

I also don't recommend geek squad if you live in the U.S they charge an astronomical amount of money for their services and usually don't fix them just delay the end outcome, also geek squad is told to try and sell you new computers rather than fix them.
Was This Post Helpful? 0
  • +
  • -

#8 lilVaratep  Icon User is offline

  • D.I.C Head
  • member icon

Reputation: 28
  • View blog
  • Posts: 246
  • Joined: 09-October 11

Re: Virus on WIN7

Posted 13 December 2011 - 10:21 AM

This has now spread to my desktop... What gives?

Edit: Nevermind, I was being dumb and saw the screenshot on bleepingcomputer about the virus... LOL! brain fart

This post has been edited by lilVaratep: 13 December 2011 - 10:23 AM

Was This Post Helpful? 0
  • +
  • -

#9 SixOfEleven  Icon User is offline

  • using Caffeine;
  • member icon

Reputation: 945
  • View blog
  • Posts: 6,342
  • Joined: 18-October 08

Re: Virus on WIN7

Posted 13 December 2011 - 10:30 AM

Get all your computers off your network. You'll need to work on them one at a time. Don't connect the fixed one to your network or it will probably migrate back to it. As suggested try Malwarebytes and ComboFix to see if you can remove this nasty piece of work. In the end it may be best to start with a fresh install. It's a pain in the ass to reinstall all of your programs and getting your settings back but this thing is proving to be really nasty. Just make sure that the new install isn't connected to your network with another infected machine.
Was This Post Helpful? 0
  • +
  • -

#10 lilVaratep  Icon User is offline

  • D.I.C Head
  • member icon

Reputation: 28
  • View blog
  • Posts: 246
  • Joined: 09-October 11

Re: Virus on WIN7

Posted 13 December 2011 - 10:46 AM

It seems that my first spybot s&d did the trick while in safe-mode with wifi turned off. I am now on regular WIN7 running malwarebytes. Will check back here once I've confirmed it's gone. Thanks guys.
Was This Post Helpful? 0
  • +
  • -

#11 AlbuquerqueApache  Icon User is offline

  • D.I.C Addict

Reputation: 49
  • View blog
  • Posts: 523
  • Joined: 21-February 10

Re: Virus on WIN7

Posted 15 December 2011 - 08:45 AM

If that didn't kill it. Since you have your system dual booted you cna install clamscan and mount your windows filesystem and run a recursive scan.

:)
Was This Post Helpful? 0
  • +
  • -

#12 sykoticm  Icon User is offline

  • New D.I.C Head

Reputation: 2
  • View blog
  • Posts: 28
  • Joined: 07-October 11

Re: Virus on WIN7

Posted 15 December 2011 - 11:54 AM

I still think you would be better off just re-intalling the operating system and just restart :)
Was This Post Helpful? 0
  • +
  • -

#13 modi123_1  Icon User is offline

  • Suitor #2
  • member icon



Reputation: 9579
  • View blog
  • Posts: 36,298
  • Joined: 12-June 08

Re: Virus on WIN7

Posted 15 December 2011 - 12:07 PM

@syko - not with that malware.... Since my first post in this I've removed it (and similar variants) from three other pcs (not including the first one I mentioned). Just following the steps in bleeping-computer, use the recommended process killers and a liberal use of malwarebytes worked each and ever time. No need to go through the hassle of a new OS install.
Was This Post Helpful? 0
  • +
  • -

#14 sykoticm  Icon User is offline

  • New D.I.C Head

Reputation: 2
  • View blog
  • Posts: 28
  • Joined: 07-October 11

Re: Virus on WIN7

Posted 15 December 2011 - 07:01 PM

View Postmodi123_1, on 15 December 2011 - 01:07 PM, said:

@syko - not with that malware.... Since my first post in this I've removed it (and similar variants) from three other pcs (not including the first one I mentioned). Just following the steps in bleeping-computer, use the recommended process killers and a liberal use of malwarebytes worked each and ever time. No need to go through the hassle of a new OS install.


True if you can live with that feeling of, "My computer was infected". Not like you must reload the OS but it feels dirty if a computer gets infected.
Was This Post Helpful? 0
  • +
  • -

#15 modi123_1  Icon User is offline

  • Suitor #2
  • member icon



Reputation: 9579
  • View blog
  • Posts: 36,298
  • Joined: 12-June 08

Re: Virus on WIN7

Posted 15 December 2011 - 10:09 PM

I guess there's the metaphorical shame yoked around your neck that you let something in past you guard, but if you know the malware and you know how to defeat it there shouldn't be a problem. I would probably waste the resinstall time with shoring up your defenses.
Was This Post Helpful? 0
  • +
  • -

  • (2 Pages)
  • +
  • 1
  • 2