Can't get rid of this damned virus.

Discussion in 'Tech Talk' started by M2 Carbine, Mar 8, 2010.

  1. M2 Carbine

    M2 Carbine

    Messages:
    25,505
    Likes Received:
    14,276
    Joined:
    Dec 21, 2002
    Location:
    Texas
    AVG keeps popping up with multiple copies of
    Trojan Horse Back Door Generic12 GOG.dropper

    I've run AVG,
    Spywarefighter,
    SuperAntiSpyware,
    Spybot,
    and
    Malwarebytes in and out of safe mode.

    No luck, AVG continues to pop up every few minutes with the virus.
    AVG says,
    C:\Windows\system32\316716.exe
    is infected.

    The last couple numbers change. Now 32\974590.exe just popped up.

    Any ideas?
     
  2. Dalton Wayne

    Dalton Wayne Epic mustache Millennium Member

    Messages:
    12,633
    Likes Received:
    13
    Joined:
    Apr 5, 1999
    Location:
    Central Florida
    When was the last time you upgraded AVG? You moved it to the vault and it didn't clear it. You may have to start over by cleaning the drive, writing zeros to it, then reinstall everything; that's the worst case.
    Sorry I wasn't much help
    Regards
    DW
     

  3. MavsX

    MavsX The Dude Abides

    Messages:
    3,033
    Likes Received:
    0
    Joined:
    Jan 19, 2009
    Location:
    Arlington, VA
    Can you log into multiple user accounts on that computer or do you just have 1 log on? If you have multiple accounts, try and log out and then log into another account, and see if the pop ups still appear. I got a feeling that you getting these pop ups in safe mode..you might be SOL.

    Let us know.

    Usually whenever I get a virus..I say..that's it. And I format and reinstall. You just can never trust the virus or the virus software...of course I haven't gotten a virus in probably 10 years..but I mean here at my office..if someone gets one, I usually just image the computer.
     
  4. M2 Carbine

    M2 Carbine

    AVG is up to date.

    Only one account.

    Best I can tell AVG doesn't work in safe mode, I tried it this morning.
    I wasn't getting the AVG popups in safe mode.

    Malwarebytes does work in safe mode.


    Got a line of thunderstorms moving in in about 20 minutes. Have to shut down but when I start up I'll see if I'm getting the pop ups in safe mode.
     
  5. D-E-F-E-N-S-E!

    D-E-F-E-N-S-E! AAAAAAAAAAAAAH!

    Messages:
    362
    Likes Received:
    0
    Joined:
    May 3, 2004
    Before doing something drastic like reformatting, try a program called Combofix.

    It is a little hardcore, a little scary to use, and might be overkill, but should work as a last resort.

    http://www.bleepingcomputer.com/combofix/how-to-use-combofix

    I was forced to use it once. It knocked out the virus...but had unfortunate side effects.
    This program kills everything associated with the virus, and it seems that this virus had hijacked my login ID. When the virus was killed, so was any chance of logging in through normal channels.

    User beware.
     
    Last edited: Mar 8, 2010
  6. Linux3

    Linux3

    Messages:
    1,399
    Likes Received:
    0
    Joined:
    Dec 31, 2008
    Sorry but I just don't understand why people keep with Windows. An O.S. that is this vulnerable is so 1990.
    There are better ways.
    I'm not slamming you. It's your choice, I just don't understand the mindset. I like to do Internet banking and browse wherever I choose without worrying about bad guys hijacking my identity or making the system I paid for part of a botnet.
    Is it because you like to play games?
     
  7. Patrick Graham

    Patrick Graham Footlong Jr.

    Messages:
    1,953
    Likes Received:
    0
    Joined:
    Sep 7, 2001
    Location:
    Kokomo Indiana
    Adobe CS4 and Roland VersaCAMM for starters.

    Linux is fine if you are just surfing the net.
     
  8. JohnBT

    JohnBT NRA Benefactor

    Messages:
    6,081
    Likes Received:
    1,014
    Joined:
    Feb 24, 2000
    Location:
    Richmond, Virginia
    "Sorry but I just don't understand why people keep with Windows."

    Because it works just fine if you have half a clue about running a pc. I've had half a clue since 1987 when I got my first pc and I get along with Vista okay. I've thought about taking my first computer class and seeing about that other half a clue, but I've made it this far without any formal training.

    John
     
  9. Pierre!

    Pierre! NRA Life Member

    Messages:
    4,696
    Likes Received:
    1,166
    Joined:
    Jun 20, 2003
    Location:
    Lovin Sparks Nv!
    DID YOU SCAN IN SAFE MODE????

    If you do NOT scan in safe mode, most viruses/malware/trojans will stealth themselves and YOU WILL NEVER CLEAN THE SYSTEM.

    I have seen veteran techs blow this off regularly. Stealth technology came into play 7 to 8 years ago, and it works, and it's gotten better.

    Safe Mode removes the opportunity to stealth program loads.

    YOU ARE WASTING YOUR TIME ATTEMPTING TO CLEAN IN ANY STATUS BUT SAFE MODE.

    PERIOD.

    So try again!

    The rest of you can prevent a future visit from the "Safe Mode Gremlin" by stating that you are scanning in safe mode somewhere in your post... :cool:

    Regarding whichever operating system you should use... I think that it is certain that whoever wins the operating system war will be attacked, probed, reverse engineered, and exploited at every point possible. Some systems just aren't worth the effort yet, and because of this appear to be rock solid...

    As I have heard said "We just haven't played Cowboys and Macs, or Cowboys and Linux yet"... Know what I mean?

    Suggesting a wholesale change of OS into an environment you have never seen or evaluated... *PRICELESS*
     
  10. Swiper

    Swiper

    Messages:
    2,873
    Likes Received:
    0
    Joined:
    Dec 31, 2009
    Location:
    Washington, DC
    I have used Windows since 1995. Only had 2-3 harmless viruses through the years despite being not overly protective. However, I have always had up-to-date antivirus software and have never clicked on those malware popups that litter the Internet.
     
  11. M2 Carbine

    M2 Carbine

    Yes, I have run Megabytes in Safe Mode a number of times.
    Megabytes is the only one of the anti virus programs I have been able to get to run in safe mode.

    It, and all the other anti-virus programs, find the virus, or at least the results of the virus. They appear to do their thing, quarantine, etc, but then within a minute an anti-virus program will show there's infected files again.
    Apparently the virus has hidden itself somewhere and the anti-virus programs keep working on what the virus is doing but can't get rid of the virus.

    Thanks. I'll save this as a last resort. I suspect it may cause big problems since the virus is screwing up system32 files.

    Because that's what comes with the computer. Most people that buy a new computer don't want to, and haven't a clue about installing another operating system.
     
    Last edited: Mar 9, 2010
  12. Slug71

    Slug71

    Messages:
    4,499
    Likes Received:
    12
    Joined:
    Mar 7, 2010
    Location:
    Oregon - U.S.A
    Install Ubuntu.
     
  13. 750SpiritRdr

    750SpiritRdr

    Messages:
    151
    Likes Received:
    1
    Joined:
    Feb 17, 2010
    Location:
    Brazoria, Tx
    SuperAntiSpyware will run in Safe mode, make sure it's updated and run it in safe mode. If you have to then put it on a jump drive and run it from there in safe mode.
     
  14. 750SpiritRdr

    750SpiritRdr

    By the way, I work at a hospital in the IT Dept. and this is the best way to get rid of this. Run a scan more than once also.
     
  15. Linux3

    Linux3

    Or if you are a scientist or mathematician or a researcher. Almost all of the 500 most powerful computers run Linux.
    http://www.top500.org/stats/list/34/osfam
    If you want to work on Digital Cinema, digital projection of feature films, then the O.S. is required by the Digital Cinema Initiative
    http://www.dcimovies.com/
    How about movie special effects artist, aka migrant pixel worker? Not home movies, professionals.
    http://www.linuxmovies.org/
    Security? If it's good enough for the NSA I guess it's good enough for me.
    http://www.nsa.gov/research/selinux/index.shtml

    And let's not forget people who just want to surf the web, write a few letters, do their banking and taxes, show pictures and home videos and just don't want to have to worry about getting infected.
     
  16. M2 Carbine

    M2 Carbine

    I'll try it again.
    I have a desktop icon for SuperAntiSpyware in safe mode but unlike Malwarebytes, SAS wouldn't open.
    Thanks, I'll try and get SAS working in safe mode.


    Now, in normal mode, as I'm typing SPYWAREfighter has popped up four times showing,

    Infected file has been found,
    Trojan.DR.Mudrop.CDO

    every few minutes now.


    I'd like to get my hands on the POS that created this virus. SOB would never touch a computer keyboard again.:steamed:
     
  17. 750SpiritRdr

    750SpiritRdr

    Have you been playing online games? That seems to be an online game hack
     
  18. M2 Carbine

    M2 Carbine

    No games but I'm bad for looking at stuff to see if it might be something I can use.
    I don't remember what I was doing before this popped up, so I could have got the virus anywhere.


    I got SuperAntiSpyware working in safe mode. All it came up with is 20 tracking cookies. I'm running a full scan now.
    Lucky I've got a couple computers to use but the infected one is the main one with everything on it. I've started to make sure I've got everything backed up in case it comes down to formatting the HD. I'm almost tempted to buy a new computer. All mine are several years old. How's Win 7 working out?


    The hell with this aggravation, I'm going shooting.:supergrin:
     
    Last edited: Mar 9, 2010
  19. IndyGunFreak

    IndyGunFreak

    Messages:
    26,996
    Likes Received:
    2,459
    Joined:
    Jan 26, 2001
    Location:
    Indiana
    Hogwash...

    There's plenty of programs that you can use that will do what those programs do.... The problem is, idiots install Linux and the first thing they say is "How do I make my Windows software run"... Well if you're gonna do that, just keep running Windows.

    Learn to use Linux alternatives, and only use emulators/WINE when you have to. Makes life far easier.

    IGF
     
  20. TnGlocker12

    TnGlocker12

    Messages:
    624
    Likes Received:
    0
    Joined:
    Apr 1, 2009
    Location:
    West Tennessee
    I don't know much about computers, but a few months back I got a virus. I stumbled on the safe mode and then I did a "Restore" for a few weeks back and have not had any problems since.