Speaking from personal experience get a USB drive, go to an internet cafe and download malwarebytes onto the USB drive plug it into your laptop and install while in safe mode and run it it will kill the virus if it doesnt allow you to open malwarebytes, right click and hit open as adminstrator. that will work
I also want to point out to everyone; if you have Sun's Java run-time, uninstall it. There's a security hole that allows theses websites to install virus' on your computer simply by visiting the sites.
There's a registry fix you can download that makes it to where it won't startup when you restart your PC. Then you can run Malwarebytes.
Hotblooded had the easiest solution. I did exactly the same thing and solved the problem. I would not recommend deleting registry entries to neophytes asking for advice. If they are clever enough to edit the registry, they could have solved it with less intrusive methods by now. He is clearly not tech savvy enough to solve the issue, if he is asking for advice on a message board.
I don't think it's necessary in this case. Machines get hijacked all the time (and by quite a lot worse). If it's viruses/malware etc then often you can take them out without a OS re-install. If things are corrupted, then you're ****ed unless you have a good restore point archive.
Agreed. It's like having a new engine installed, every time a car needs an oil change. It's easier to just remove the malware, then to reinstall the os and a backup. It can be especially troublesome, if the virus was backed up also. Then, you have to download the antivirus program to a usb drive and still run it anyway. I speak from experience. It's faster to just clean it than to format, reinstall, restore, and then clean it again when you discover the malware again.
THIS. I have rkill on m desktop, anytime i run into one of these viruses, i just click rkill... it stops the viruses from running, then proceed to use malwarebytes to remove the virus. Note, that without rkill, these viruses can stop u from running malwarebytes.
This is correct. There's also a version of RKILL that's marked as a screen saver in case the trojan isn't letting you run .exe files. In addition, I've found that even after it's gone, it can leave behind some damage. Most notably that all your file associations are gone (ie when you try to open a progam the "Open With.." dialog box opens instead). I've found that there are plenty of fixes for this, you just have to google for 'file association fix' with your OS to find them. www.dougknox.com has a good collection of them. Also, I've seen that after the malware is gone Windows/Microsoft update no longer works, in fact the whole automatic update service is gone. I've fixed this two ways: either 1) running the Combofix (found here: http://www.bleepingcomputer.com/combofix/how-to-use-combofix ) scanner will restore it or 2) downloading and reinstalling Automatic Update Services from Microsoft. These malwares have been a pain in the ass for years, but unfortunately they are only getting better at being so.
^^^Agreed. Also, as a poster on page 1 wrote. There are like 6 different versions of Rkill available (he gave the exact bleeping computer link), under different names / file type in case the malware keeps you from running the .exe. These things have added another trick to their book, and that is adding the +h making all the files hidden tricking the user into thinking they lost everything. If you ever get a malware, www.bleepingcomputer.com should be your first stop. Great guides if you wish to clean out the registry manually, and always provides fantastic links to programs they have created such as rkill and unhide.exe
ive had this **** like 5 times on various computers in different forms. i got rid of it with the rkill method all but one where I just gave up and did a system restore (it was on my netbook which i only use for web browsing, didnt lose anything important) the people who make this **** are seriously scum of the earth. i dont get it.
I've gotten this a bunch of times watched streamed Rockets/NBA games and yes I have both an antivirus and malwarebytes protection on but it still happens. Installing AdBlock Plus seems to be helping so far though.
