So uh... i was cracking a program to get the music off my iphone and i've been totally pwned by a virus.

Basically it's the hugest dirty bitch i've ever dealt with.

It's currently blocking all antivirus updates currently on my computer.

blocking installation of any new ones.

blocking all access to online virus scanning sites and to the regular antivirus sites.

it's also blocked access to my DVD drive such that i can't see it or get to it by going to d:

online searches for virus solutions get blocked, and any searches send me to a stupid front page for nothing... kinda like hitting a website that doesn't exist but it shoots you to those stupid header sites.



so yeah... i'm not really sure what to do. I'm currently looking at a post on techguy and trying to use that info but this is a super huge pisser. I know i'm an idiot... :(

F8 to boot into safe mode? Bring over antivirus from other computer on pen drive? I'm sure there's a startup CD antivirus out there somewhere. You'd have to configure your bios to boot from CD though.

I had a friend with a similar problem.

Even if you're lucky enough to get AVG or similar downloaded, it won't let the service start at the end of installation.

Here's what worked for me:

CounterSpy - http://www.sunbeltsoftware.com/Home-Home-Office/Anti-Spyware/

and Avast - http://www.download.com/Avast-Home-Edition/3000-2239_4-10019223.html?part=dl-AvastHome&subj=dl&tag=button&cdlPid=10888427

I'm not sure why Avast was able to install and AVG and some others weren't.

Run both of those and update them if it will let you. If it won't let you to either site to download them, I can upload 'em on yousendit or megaupload.

Avast has a boot time scan (CounterSpy might too if I recall), and after a couple scans they cleared everything up.

I'd try IN's advice above first. Safemode doesn't always cooperate with installations and new services though.

One more thing -- go to your hosts file in your
windows\system32\drivers\etc folder and clean it up. Often times these malwares add the anti-virus software sites and update sites to this list which prevents you from loading them.

Good luck

This is the shizz - unzip John's FREE Malware Removal Kit (http://www.elitekiller.com/files/rogueremoval.zip) to a thumb drive, and follow the directions (these are in a .mht file in the kit):

http://www.elitekiller.com/malware.htm

Also, here are some free bootable CDs (which you'll have to download and burn on another PC if you want to try them):

http://www.askvg.com/download-free-bootable-rescue-cds-from-kaspersky-bitdefender-avira-f-secure-and-others/

http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/

boom thx guys got it fixed... finally

techguy.org is fantastic.

counterspy


oh **** it's still here... fook me!

Yeah, you gotta get rid of it, then update your stuff, then you'll find it randomly in your system restore files and random stuff like that.

If you REALLY want to clean it, you'll need to boot from a CD or thumb drive & run the scanners from there, and do it over & over until there's no trace of the virus left.

However, your best bet is to format & reload. That's the only way to really be sure you got all of it. Plus, I'm guessing you probably already spent more time trying to remove it than a reload would have taken... I've been there, done that.

More from the Raymond.cc blog (http://www.raymond.cc/blog/) on bootable rescue CDs (http://www.raymond.cc/blog/archives/2008/12/11/13-antivirus-rescue-cds-software-compared-in-search-for-the-best-rescue-disk/)...

pffft, reformat is for sissies.

try malwarebytes.

So even if you hook it up to an external drive or a secondary drive?

So even if you hook it up to an external drive or a secondary drive?

Well, yeah, you could slave an infected drive to another PC, but why disassemble or take a chance on infecting a second PC when you could use a rescue disc (as I've linked above).

Just a thought...

i tried a couple of combinations, and malwarebytes and a couple others seem to have gotten rid of it.

the boot issues, blocked sites, dvd drive issues are all gone.

I'm going to keep trying a new free AV for the next week or so until i'm pretty confident it's gone. It seems to be though...

It's hard to be sure that all malware is gone once your system in compromised, especially if you're dealing with trojans. I've always told people just to do a quick reformat and be done with it. It's really not a big hassle if you keep your documents and files tidy and easy to backup.

/hugs his mac