I just recently noticed that when I log onto Warcraft, it causes my miscrosofrt security essentials to lose malware protection. The green icon turns red. This happens every time.
I’m running a scan right now with MSE.
Operating System
MS Windows Vista Home Premium 64-bit SP2
CPU
AMD Athlon 64 X2 6000+ 52 °C
Brisbane 65nm Technology
RAM
4.00 GB Dual-Channel DDR2 @ 387MHz (5-5-5-18)
Motherboard
ASUSTeK Computer INC. M2A-VM (Socket AM2 ) 40 °C
Graphics
LCD TV (1360x768@60Hz)
512MB GeForce 9600 GT (EVGA) 51 °C
Hard Drives
488GB Hitachi Hitachi HDP725050GLA360 ATA Device (SATA) 44 °C
Optical Drives
TSSTcorp CDDVDW SH-S202H ATA Device
Audio
Realtek High Definition Audio
Spybot can’t remove this one, even with me as admin, and they had me downlad their root analyzer (in Beta), but no luck there either.
I’m not familiar with that particular strain (nor, it would appear, is Google or Bing), but a common mistake that folks make in attempting a virus eradication is leaving System Restore active. How did you discover alleged name of this bug (I’m assuming MSE)? If you’re able to associate it with any specific registry values or files, take a look there.
Try this:
Turn off system restore
Run your favorite (up-to-date) AV software
Hit it with MalwareBytes Anti-Malware (MBAM) and Spybot
For good measure, RegClean and Hijack This scans can’t hurt
Turn System Restore back on (if you want to)
Cross fingers and hope for the best
Best option is to just reformat. The name of the virus you gave is next to useless since virus gives themselves random names so you can’t google it. The time it would take to figure out what virus it is exactly then having to go through the procedure of removing it would probably take longer then a reformat. If you really don’t want to reformat get some free AV like Avast then set it to boot scan, that’s your best chance of picking it up.
Remember which ever AV you use do boot scan , thats vital to picking it up as they tend to hide themselves if the operating system is loaded in. If you are root kited then you are pretty much screwed as that would require more then clearing out the virus in safe mode.
This is never the best option. It’s like using dynamite to fix a hangnail. I’ve been fixing viruses for years and only once had to do this (only because its hard drive drivers didn’t allow me to use a CD), even with rootkits.
Run Malwarebytes and it will fix it 90% of the time. If that doesn’t work, try SuperAntispyware.
Why the recommendation to turn off system restore? If you don’t have a good restore point, then I agree with you and RealityChuck that MalwareBytes is the way to go. But the last time I got hit, I simply restored to a recent point and I was back up and totally clean in less than 10 minutes.
Finally got SpyBot to remove it. I have been trying to uninstall AVG Free 2012, and it kept hanging up on my machine. Also, I now know that MSE is not 100% reliable about catching malware/viruses, but it is free.
What do you guys think about APP Remover? I just downloaded it and it removed a bunch of stuff (registry cleaners) that I didn’t need.
I’m a sucker for free stuff and anything that keeps my machine running faster for my gaming, but I think it gets me in a mess sometimes.
So I kept Spybot and MSE (and APP Remover of course).
Thanks, again for helping me out, y’all. Don’t know what I’d do withoutcha!
Saved me a trip to the repair place, you did, you did!
Okay, I just let SpyBot run again, and the computer is still clear of that virus. I ALMOST did a System restore, but didn’t and ran SB as the administrator.
Is there a way to run EVERYTHING on my machine as an admin without actually having to go in and choose it?
Only thing that still bothers me is that my machine takes a hell of a long time to boot up compared to a month ago, but I clean my registry regularly and I have plenty of space.
The other reason is that the infection may be present as a completely benign file in the system restore archive - and will continue to be detected as a threat, bit the AV software won’t be able to remove it from the archive, which is protected.
