
[Virus] HELP!

Discussion in 'BBS Hangout' started by FlyerFanatic, Jul 18, 2005.

  1. FlyerFanatic

    FlyerFanatic YOU BOYS LIKE MEXICO!?! YEEEHAAWW
    Supporting Member

    Joined:
    Mar 25, 2002
    Messages:
    7,457
    Likes Received:
    189
    So my friend got an AIM virus, it sent to all of his buddies, and I didn't have any idea since he sends me links all the time, so I clicked it. He did send me a removal tool, but for some reason some of it did not delete, and when I go to manually delete it, it won't let me. For some reason the DrPMon.dll would not delete, says the virus removal tool. Does anyone know of a way to get rid of it? Essentially what the virus did, I think, is just sent a bunch of spyware ****, as well as sending it to everyone on my list. I got that taken care of from the removal tool, but I am still getting random pop-ups. I have run both Spybot S&D and Ad-Aware, and I have a pop-up blocker as well. Any suggestions? Help is much appreciated.
     
  2. FlyerFanatic

    FlyerFanatic YOU BOYS LIKE MEXICO!?! YEEEHAAWW
    Supporting Member

    Joined:
    Mar 25, 2002
    Messages:
    7,457
    Likes Received:
    189
    Alright, looked into it, and found out that it looks like it's running ads through some sort of program. Actually two, Aurora and imGiant. Anyone know how to get rid of these things?
     
  3. Drexlerfan22

    Drexlerfan22 Member

    Joined:
    Apr 6, 2002
    Messages:
    6,364
    Likes Received:
    523
    I'm assuming this is the tool he sent you. It's updated every day, so try downloading it again. Maybe he sent you a version that's on the old side.

    http://www.jayloden.com/AIMFix.exe

    Once you download that, here's what I would tell anyone who has this virus to do:

    Put this tool on your desktop and run it twice (it literally takes 10 seconds or less to run).

    Then go through your programs list and uninstall anything that looks spyware-like (be suspicious of anything that says stuff like toolbar, hot deals, shopping, etc., or any size zero programs). And obviously look for the programs you mentioned, Aurora & imGiant.

    Next, go into Spybot and check your hosts file. To do this first make sure you're in Advanced mode ("Mode" menu), then click Tools -> Hosts File. Hit the red X. If after hitting the red X you see ANYTHING other than "localhost," delete it. Then hit the green +, go to "IE Tweaks" (also under "Tools"), and lock your hosts file.

    Then run a virus scanner (McAfee, Norton, whatever).

    Then run whatever spyware programs you got (I use Spybot, AdAware, and Microsoft Anti-Spyware).

    Why all the extra crap? Here's what this virus does (at least the last iteration I dealt with): suppresses task manager, suppresses msconfig, infects your hosts file, and dumps a TON of random spyware on your computer. As long as the virus remains, you can remove spyware all day and all night. It won't matter, because the virus will keep going out and getting more. That's why you need to run all this stuff AFTER running the virus removal tool.



    Now, you say there's a file you're having trouble deleting. If you really did EVERYTHING above already and still no go, boot into safe mode and delete it (I'm assuming you're using XP). There are two ways to accomplish this. One is the old-fashioned way, which is to restart, and while the computer is juuuust starting up (before Windows starts loading), continually tap F8 until it gives you a screen with about 10 options, from which you should pick "safe mode with networking." The other newfangled way to get into safe mode is to do it through msconfig (start menu -> run -> msconfig). Once in msconfig, hit the "BOOT.INI" tab, check the "/SAFEBOOT" tab, then select "NETWORK." Note on the newfangled way: once you're done in safe mode, you'll have to go back into msconfig and change things back, or it will keep booting into safe mode. If you use the F8 method, it will automatically switch back to normal mode.

    Once you're in safe mode you should be able to browse for the file you're having a problem with and delete it. If you think you might not know all the files you need to delete or where they are, just run your virus scanner in safe mode (some virus scanners cannot function in safe mode, but hopefully you have McAfee, which can).

    Oh, and after all this stuff is done and you're back in normal mode, go to task manager (ctrl+alt+del) and check how many processes are running. If it's 50 or above, I'd be suspicious.

    Let me know if all that crap doesn't work (that would surprise me). :D
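
The hosts-file check described in the post above, as an added example that is not part of the original thread: a Python sketch that lists every active hosts entry other than a loopback `localhost` mapping, which is what the post says to delete. The function name `audit_hosts` and the sample file contents are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file; names use reserved .example/.test domains.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
127.0.0.1       update.antivirus.example   # constructed entry
203.0.113.7     search.portal.example www.portal.example
not-an-ip       ads.test
"""

def audit_hosts(text):
    """Return (line_no, address, name, reason) for each entry that is not plain localhost."""
    findings = []
    # Strip a leading byte-order mark, then walk the file line by line.
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        entry = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if not entry:
            continue
        address, names = entry[0], entry[1:]
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, address, " ".join(names), "malformed address"))
            continue
        if not names:
            findings.append((line_no, address, "", "address with no name"))
            continue
        for name in names:                      # one line may map several names
            is_localhost = name.lower() == "localhost"
            if is_localhost and ip.is_loopback:
                continue                        # the only entry expected on a clean file
            if is_localhost:
                reason = "localhost mapped to non-loopback address"
            elif ip.is_loopback or ip.is_unspecified:
                reason = "name made unreachable (points at this machine)"
            else:
                reason = "name redirected to another address"
            findings.append((line_no, address, name, reason))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %s %s -> %s" % finding)
```

To check a real machine, pass the contents of `%SystemRoot%\System32\drivers\etc\hosts` to `audit_hosts` instead of the sample; an empty result means only the `localhost` entries remain.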
     
