 | | |
| pg2114 wrote: Is anybody able to suggest a definite method to detect and remove the offending virus, please? | |
| | |
Full format and fresh OS install. Only guaranteed way as backed up files may also be infected
| x404.co.uk http://www.x404.co.uk/forum/ |
|
| I have a virus apparently... http://www.x404.co.uk/forum/viewtopic.php?f=4&t=2992 |
Page 1 of 1 |
| Author: | pg2114 [ Thu Sep 24, 2009 9:48 pm ] |
| Post subject: | I have a virus apparently... |
Hello all, Ever since my ISP phoned me to report a virus on my computer, AVG keeps warning me about viruses in my Temporary Internet Files folder. These viruses seemingly have completely random names and no matter how many times I remove them, they simply return. I have performed the following tasks to remove the viruses, but to no avail. All of these have been done in and out of safe mode with restore facilities disabled.
I always thought this computer was secure with anti-virus, anti-spyware and firewall software, all active and kept up-to-date. I never download illegal files or open suspicious emails. If it was just one anti-virus software reporting the virus, I would assume it was a false positive, but the telephone call from my ISP suggests that something is happening. Is anybody able to suggest a definite method to detect and remove the offending virus, please? Many thanks, Peter. |
|
| Author: | finlay666 [ Thu Sep 24, 2009 10:05 pm ] | |||||||||
| Post subject: | Re: I have a virus apparently... | |||||||||
Full format and fresh OS install. Only guaranteed way as backed up files may also be infected |
||||||||||
| Author: | JJW009 [ Thu Sep 24, 2009 10:38 pm ] |
| Post subject: | Re: I have a virus apparently... |
Finlay is totally correct, and anyone that disagrees is placing too much confidence in something which can't actually be guaranteed. There is one command I ask people to do which might absolutely prove you have a contagious virus. However, it can't prove you're clean. Open a command box (start - run - type CMD and click OK) type netstat and press return. That lists all the network connections. That is, it shows you all the other computers that are talking to yours. You should see a few things if you have MSN, email and some web pages open. There might be some software checking for updates. However, if you see loads of unexpected entries then it's likely you're spreading the disease and your ISP could cut you off. Ignore any entries which say "localhost" under "foreign address" because that's just you talking to yourself. Technically, you'd be in breach of the misuse of computers laws and various "you're a terrorist" acts which mean you could be shot dead, and held for questioning indefinitely. Probably in that order. |
|
| Author: | finlay666 [ Thu Sep 24, 2009 11:58 pm ] | |||||||||
| Post subject: | Re: I have a virus apparently... | |||||||||
Some of the Virii can manifest in shared folders where you also have write access so bear that in mind I'm suprised there hasn't been an iPhone virus written yet given the numbers of that particular platform and how most users aren't exactly IT literate yet obviously have an internet connection for iTunes |
||||||||||
| Author: | JohnSheridan [ Fri Sep 25, 2009 8:04 am ] |
| Post subject: | Re: I have a virus apparently... |
Have you turned-OFF System Restore, then done a full check, rebooted and restarted system restore? |
|
| Author: | pg2114 [ Fri Sep 25, 2009 10:46 am ] | ||||||||||||||||||||||||||||||||||||
| Post subject: | Re: I have a virus apparently... | ||||||||||||||||||||||||||||||||||||
I really don't want to resort to a reformat, if at all possible. I only reformatted this machine a few weeks ago and have just got it set up the way I want!
I had never come across this command before, so I can't really tell what's suspicious or not. I've pasted the resulting log below, and would really appreciate it if someone could have a quick look through it.
Yes. In fact, I never have System Restore enabled, so I'm sure the virus isn't hiding there. Many thanks to all of you for your help. Peter. |
|||||||||||||||||||||||||||||||||||||
| Author: | saspro [ Fri Sep 25, 2009 11:28 am ] |
| Post subject: | Re: I have a virus apparently... |
malwarebytes might find some more stuff Run the command without any webpages open. |
|
| Author: | pg2114 [ Fri Sep 25, 2009 11:32 am ] | ||||||||||||||||||
| Post subject: | Re: I have a virus apparently... | ||||||||||||||||||
I'll certainly try MalwareBytes a bit later. Following suggestions in another thread, I am currently running a scan with Avira AntiVir, which has found four instances of a virus thus far.
The strange thing was that I had no webpages open when I ran the command. Despite this, I can see a few websites mentioned in the log, which is somewhat suspicious. Thank you, Peter. |
|||||||||||||||||||
| Author: | pg2114 [ Fri Sep 25, 2009 11:45 am ] |
| Post subject: | Re: I have a virus apparently... |
 It proceeded to delete the detected files, which it completed successfully. I shall now run another full scan with Avira AntiVir and MalwareBytes to check there are no more instances. Thanks, Peter. |
|
| Page 1 of 1 | All times are UTC |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|