ick, this is bad... - Fantasy Football Cafe 2014 Fantasy Football Cafe


Return to General Talk

ick, this is bad...

Moderator: Football Moderators

Re: ick, this is bad...

Postby The_Captain » Wed Mar 25, 2009 4:03 pm

I had to clean a virus from a friend of mine's computer about three weeks ago and used the following apps to finally kill the darn thing off:

Spybot Search and Destroy
Malwarebytes Anti-Malware
Anti-virus (with the latest virus definitions)

I would try running these first and see what you get. If you need additional help, let me know.
Image
Image

"This is your captain calling--with an urgent warning" - The The
The_Captain
Mod in Retirement
Mod in Retirement

User avatar
CafeholicFantasy ExpertCafe RankerMock(ing) DrafterEagle EyePick 3 Weekly WinnerSweet 16 SurvivorCafe Blackjack Weekly WinnerLucky Ladders Weekly Winner
Posts: 13949
Joined: 8 Oct 2003
Home Cafe: Football
Location: Lurking somewhere between here and there...

Re: ick, this is bad...

Postby scottaa1 » Wed Mar 25, 2009 5:31 pm

The_Captain wrote:I had to clean a virus from a friend of mine's computer about three weeks ago and used the following apps to finally kill the darn thing off:

Spybot Search and Destroy
Malwarebytes Anti-Malware
Anti-virus (with the latest virus definitions)

I would try running these first and see what you get. If you need additional help, let me know.


What a pain... I went through that a few months ago. First, check and see if your auto-updates from MS are still on, they probably aren't, which will block attempts to fix things. Go to your run dialog and run services.msc. Make sure automatic updates is started, background intelligent transfer service, cryptographic service, and event log are started. You may have to start them manually, and keep going back to start them as you work on the problems. If those aren't hte proper ones, when you try to go to windows update, it will error saying it can't run and provide instructions on which services to start. Once you're updated with the proper windows stuff, you can run the online windows malware scan - believe it or not, I found it useful. Between it, Antivir, and Spybot alerting me when the malware was trying to duplicate itself (it will show up as 'such and such registry entry is trying to be renamed, or copied, or something.' Always deny access, UNLESS you're adding software like new scanning tools, which will need to make registry entries. It won't be scrubbed clean in one pass, but eventually you'll be able to slow it down enough that with repeated scans, you'll get it all. Real pain in the backside. If you've got that one that keeps popping up something like '2008 security scan' or whatever, good luck, I never did get rid of it. I retired that laptop since it had issues anyway.

Again, good luck. Plan to spend a lot of time not using that computer while it scans itself.
Image
Thanks Chaoyi Shih for the sig.
scottaa1
Mod in Retirement
Mod in Retirement

User avatar
EditorCafeholicFantasy ExpertCafe WriterMock(ing) DrafterGolden Eagle EyePick 3 Weekly WinnerMatchup Meltdown SurvivorCafe Blackjack Weekly Winner
Posts: 8540
(Past Year: 13)
Joined: 17 Oct 2004
Home Cafe: Football
Location: Indy

Re: ick, this is bad...

Postby Guru13 » Thu Mar 26, 2009 11:33 am

alright, I'm gonna run those three things and see what happens, I've searched to see what other people are doing about it and it seems like most programs aren't picking it up, you have to delete it yourself which wouldn't be a problem except I can't figure out which file it is.
Image
Guru13
Hall of Fame Hero
Hall of Fame Hero

User avatar
CafeholicCafe WriterCafe RankerGraphics ExpertMock(ing) DrafterEagle Eye
Posts: 9206
(Past Year: 4)
Joined: 29 Nov 2004
Home Cafe: Football

Re: ick, this is bad...

Postby The_Captain » Thu Mar 26, 2009 12:36 pm

FantasyFutballGuru13 wrote:alright, I'm gonna run those three things and see what happens, I've searched to see what other people are doing about it and it seems like most programs aren't picking it up, you have to delete it yourself which wouldn't be a problem except I can't figure out which file it is.


If you're Anti-virus software is current with the latest virus definitions, it should find it. If it doesn't then I would suspect either Spybot or Malware will find it. If those two fail to work, you might have try HiJjackthis to see what it loading in the background on start up. Anything you don't recognize can be removed, but you must be very careful you don't blow something away which is necessary to the computer operations. If I see something I don't recognize, I'll Google search it to see what it is.

Good luck!
Image
Image

"This is your captain calling--with an urgent warning" - The The
The_Captain
Mod in Retirement
Mod in Retirement

User avatar
CafeholicFantasy ExpertCafe RankerMock(ing) DrafterEagle EyePick 3 Weekly WinnerSweet 16 SurvivorCafe Blackjack Weekly WinnerLucky Ladders Weekly Winner
Posts: 13949
Joined: 8 Oct 2003
Home Cafe: Football
Location: Lurking somewhere between here and there...

Re: ick, this is bad...

Postby Guru13 » Thu Mar 26, 2009 1:02 pm

A ridonculously huge avast scan got rid of the little popup in the taskbar, however I still get an internet popup from time to time that clearly is a virus and it was detected as something in the userinit.exe process, but I can't get rid of that because you need to it to log on to the computer - so I'm not really sure what to do.
Image
Guru13
Hall of Fame Hero
Hall of Fame Hero

User avatar
CafeholicCafe WriterCafe RankerGraphics ExpertMock(ing) DrafterEagle Eye
Posts: 9206
(Past Year: 4)
Joined: 29 Nov 2004
Home Cafe: Football

Re: ick, this is bad...

Postby The_Captain » Thu Mar 26, 2009 1:57 pm

FantasyFutballGuru13 wrote:A ridonculously huge avast scan got rid of the little popup in the taskbar, however I still get an internet popup from time to time that clearly is a virus and it was detected as something in the userinit.exe process, but I can't get rid of that because you need to it to log on to the computer - so I'm not really sure what to do.


:-b - well, both Spybot and Malware take a while to run through your entire system, but it's good one of them found the issue with the popup.

Regarding the other item - a google search seems to indicate you'll have to traipse through your registry to fix the issue. I did a search on userinit.exe virus and it had a number of hits. Try this and see what you find.
Image
Image

"This is your captain calling--with an urgent warning" - The The
The_Captain
Mod in Retirement
Mod in Retirement

User avatar
CafeholicFantasy ExpertCafe RankerMock(ing) DrafterEagle EyePick 3 Weekly WinnerSweet 16 SurvivorCafe Blackjack Weekly WinnerLucky Ladders Weekly Winner
Posts: 13949
Joined: 8 Oct 2003
Home Cafe: Football
Location: Lurking somewhere between here and there...

Re: ick, this is bad...

Postby Art Vandelay » Thu Mar 26, 2009 3:50 pm

My computer was rendered completely useless by viruses and crap a few months ago. I spent weeks and week downloading and running every program that anyone suggested, but to no avail. Without exaggerating I'd say I spent a good 15 hours in the month of December trying to fix it, and that doesn't even count all of the time spent waiting while the stupid thing ran scans. I finally gave up and decided that I was just going to sweep the stupid maching clean and reinstall windows when we got back from traveling for Christmas, then my inlaws got us a new imac for Christmas, so I haven't even looked at my old computer since. So, in my experience, you're better off not spending a bunch of time trying to fix it, and just marrying someone with nice parents.
Art Vandelay
Offensive Coordinator
Offensive Coordinator


Posts: 749
Joined: 12 Mar 2005
Home Cafe: Baseball

Re: ick, this is bad...

Postby RiffRaff » Thu Mar 26, 2009 3:56 pm

Scotta, from what I read of you, your computer is beyond the help of those free services. You will never get rid of them all.

It is time for any of you that are doing too many Shady things to reformat your hard drives, put a clean install in and consider changing your surfing habits. :-) ;-D
Image
The Eagles rule, the Viqueens drool.
E-A-G-L-E-S EAGLES, EAGLES, EAGLES
RiffRaff
General Manager
General Manager

User avatar
Cafe RankerPick 3 ChampionCafe Blackjack Weekly Winner
Posts: 3527
Joined: 22 Apr 2007
Home Cafe: Football
Location: Big Old 0 for the Grill-0- Meter. Minnesota Weather Sucks

Re: ick, this is bad...

Postby Metroid » Thu Mar 26, 2009 4:11 pm

RiffRaff wrote:Scotta, from what I read of you, your computer is beyond the help of those free services. You will never get rid of them all.

It is time for any of you that are doing too many Shady things to reformat your hard drives, put a clean install in and consider changing your surfing habits. :-) ;-D

You mean no more pr0n? 8-o
Image
Metroid
Moderator
Moderator

User avatar
ModeratorCafeholicCafe RankerGraphics ExpertEagle Eye
Posts: 22544
Joined: 9 Oct 2005
Home Cafe: Football
Location: Bringing the funk in P-Town!

Re: ick, this is bad...

Postby Guru13 » Thu Mar 26, 2009 5:24 pm

So I'm fairly confident that the virus is gone, however the registry cleaner I ran got rid of the .exe file that a) stored the virus and b) is needed to log in. When I log in it immediately logs me back out - I know there's a way to get it back, it might be by reinstalling XP, but I can't remember...anyone know?
Image
Guru13
Hall of Fame Hero
Hall of Fame Hero

User avatar
CafeholicCafe WriterCafe RankerGraphics ExpertMock(ing) DrafterEagle Eye
Posts: 9206
(Past Year: 4)
Joined: 29 Nov 2004
Home Cafe: Football

PreviousNext

Return to General Talk

Who is online

Users browsing this forum: No registered users and 0 guests

cron
Forums Articles & Tips Start & Sit Sleepers Rankings Leagues


Get Ready...
The 2014 NFL season kicks off in 17:03 hours
(and 43 days)
2014 NFL Schedule


  • Fantasy Football
  • Article Submissions
  • Privacy Statement
  • Site Survey 
  • Contact