PDA

View Full Version : virus help!



Sk1nyNerd
11-12-2014, 12:40 AM
Skype said I needed an update but when I updated my computer got shit on hard. Its keylogged and I can't type or right click and I don't have access to task manager and I can't open any computer secuirty things I have installed. I managed to get to the internet tho :P. Can someone link a virus removal I can click on to run please. Or some help lol

Wetish
11-12-2014, 12:52 AM
Boot in safe mode with networking.
Check msconfig startup for unusual programs
http://www.eset.com/us/online-scanner/
https://www.malwarebytes.org/antimalware/
http://www.kaspersky.com/antivirus-removal-tool?form=1

Kyle
11-12-2014, 12:56 AM
Skype said I needed an update but when I updated my computer got shit on hard. Its keylogged and I can't type or right click and I don't have access to task manager and I can't open any computer secuirty things I have installed. I managed to get to the internet tho :P. Can someone link a virus removal I can click on to run please. Or some help lol

Looks like you've done it now!!

Sk1nyNerd
11-12-2014, 12:59 AM
Cool. I tried searchin for unusual names but they all looked convincing ha.

I was able to open up the onscreen keyboard and got to microsoft. If it doesn't work ill try the links.

Thanks!

Sk1nyNerd
11-12-2014, 01:00 AM
I haven't used skype often so it seemed convincing lolol. Took about 30mins to find access to the internet

Wetish
11-12-2014, 01:07 AM
Are you in safe mode? You need to be. Otherwise the virus is still running and will probably prevent you from running virus scans.

Sk1nyNerd
11-12-2014, 01:21 AM
No I'm not, the microsoft one is currently doing a full scan. I think its doing it from the web, I just had to run it

rj
11-12-2014, 03:12 AM
CCleaner always works good too! https://www.piriform.com/ccleaner/download

I would get malwarebytes or whatever it's called, my old laptop from years ago was infested from virus's brought on by my sister, mom, and probably myself. Booted it up 4 years later, ran malwarebytes, and 90% of the problems fixed (90% of the problems being virus's etc etc)

Brandon
11-12-2014, 04:51 AM
Are you in safe mode? You need to be. Otherwise the virus is still running and will probably prevent you from running virus scans.

Safe mode does not stop a virus from running.. Especially if they melt. Meaning they can melt/merge into explorer.exe or into any browser so that when you run the browser or when explorer loads, the virus loads as well. That's how you can make a virus auto start without using the registry or startup.. Lol. A lot of the time most of them just inject into explorer instead while the file is hidden somewhere else. Accomplishes the same thing but usually installs as a service or uses a registry key to start and inject itself. Viruses also hook themselves.. Hooking exit process from WinAPI so that when you terminate it, it starts itself before termination or noops the call.

@OP:
I'd check the run and run once keys in the registry. I'd monitor out going connections with wire shark or similar. I'd remove Skype. Use process explorer to check for hidden running procceses. Right click each process and reveal the file's location (from process explorer not task manager).. Most viruses install to appdata, roaming, temp, windows, system32 and program files. Some virus kits allow you to customize them to install to custom locations instead and usually the folder has hidden attributes.

Outgoing connections to a noip address is extremely common. Get an antivirus.
Good luck.

Sk1nyNerd
11-12-2014, 10:14 PM
Thanks for all the help guys!(posting from my laptop now :P)

Microsoft never found anything while in safe mode with networking but malwarebytes ended up finding 3 trojans and 77 other things tagged along and it appears to have succesfully removed them! i dont see anything sketch in msconfig. im not sure what process explorer is, doesnt return any search results

CCleaner also got rid 6.6gigs of cached files haha.

How do you typically enter safe mode? start up i can either f2 or f12 for system settings. i just let my battery drain on my laptop so i could select it for not shutting down properly. i wouldnt of been able to do that on a desktop.

NKN
11-12-2014, 11:52 PM
Thanks for all the help guys!(posting from my laptop now :P)

Microsoft never found anything while in safe mode with networking but malwarebytes ended up finding 3 trojans and 77 other things tagged along and it appears to have succesfully removed them! i dont see anything sketch in msconfig. im not sure what process explorer is, doesnt return any search results

CCleaner also got rid 6.6gigs of cached files haha.

How do you typically enter safe mode? start up i can either f2 or f12 for system settings. i just let my battery drain on my laptop so i could select it for not shutting down properly. i wouldnt of been able to do that on a desktop.


Don't quote me, but I think it's F8 on windows before the windows logo pops up.