I am pretty sure I have a virus on my computer, actually I am positive I do. It is hesitating big time just to write this message. I have crash my computer once before and a co-worker of mine came over to fix it. I had to start completely over, which I don't mind. I have been backing up (burning on to disc) what I feel I need to for the past couple of days. Since I am not taking any college course at the moment, I really only use the computer to communicate and job search.

My question is... how does one attempt to remove a virus or is it even possible to do so without having to hundreds of dollars? I don't mind if I have to start over and re-download all my software and the music I have on the computer can be re-downloaded again as well.

The only thing of importance are my pictures I have taken, although if I have burned most of them onto discs... will the pictures I recently have burned carry a virus if I send them to other people later? (especially after resolving this issue) I truly am a rookie about computers (the internal aspects) and virus status.

What about replacing the hardrive? What is the best thing for me to do?

Also, after I crashed my computer the last time (about a year ago or more), I never did reinstall an antivirus protection software program. Ugh. I know better now.

Gosh, this took forever to write...

format the drive and wipe it clean...its as easy as that

MostBeautifulGrlNTheWorld said:

That's a good way of doing it...also you may want to see if you can install a virus protection program and run it to get rid of your virus.

You can do a free online scan of your hard drive here:

http://us.mcafee.com/root/mfs/?cid=9913

It'll at least start to identify any viruses you may have that you haven't detected yet...then do what Apples and Jess suggested..lol

Good luck..

Byron said:

WOW...that's so cool! I didn't know such a think existed Does it have a way to fix the problem too?

applekisses said:

Yeah, buy the software...

Byron said:

I knew there was a catch! Those bastards!!!

MostBeautifulGrlNTheWorld said:

What does this mean? What do I have to do to format the drive and wipe it clean? Thank you, by the way.

Freespirit said:

Reinstall your OS aside from throwing your P.C. across the room . Also you may want to consider installing Spybot and Adaware on your P.C.. I hope my suggestions have been helpful.

Does your comp have any recovery discs or anything like that? If so, use 'em. It'll wipe everything out and you'll think you have new computer

I had to do this a few months back when I got a virus, and it worked just fine

Freespirit said:

That's actually possible. Any files you saved while your computer's 'sick' are possibly infected

If you have Norton (or a similar anti-virus program) you can probably scan them for anything before you put them back on your comp or email them.

Nikster said:

Do the Mc.Affee virus scan as Byron suggested above: http://us.mcafee.com/root/mfs/?cid=9913 but then:

Download AVG Anti-Virus from http://www.grisoft.com
Go to Windows Update and scan for Security Patches at http://windowsupdate.microsoft.com
Download the free version of Ad-Aware from http://www.lavasoftusa.co...e/adaware/
Get a free firewall from http://www.zonelabs.com/s...wnload.jsp

If you still have problems after that, try using Spybot Search and Destroy http://www.safer-networki...index.html

You may also have tracking cookies. Deleting all your cookies is a bad idea as some of them are useful. Use a cookie viewer so you can save the useful cookies from sites you trust. There's a good free cookie viewer here http://www.karenware.com/...cookie.asp

I think that wiping your hard drive is a bit drastic. All this software is free and works brilliantly.

Ok, I did a couple of scans... and it turned out (at stated), I have about 40 different infected files.

C Drive 28
My Documents 0
Windows File 15

A huge majority came from a virus called Vundo

Risk Assessment
- Home Users: Low
- Corporate Users: Low
Date Discovered: 8/20/2004
Date Added: 8/20/2004
Origin: Unknown
Length: 458,752 bytes (EXE)
Type: Trojan
SubType: Win32
DAT Required: 4388

Virus Characteristics
At the time of writing AVERT has received a few submissions of this program from the field. It bears the following characteristics:

decrypts and drops a DLL file to the victim machine. The DLL appears to be intended to harvest data from the victim machine.
drops a second EXE to the victim machine. This component appears to be related to Adware-Virtumundo .
Upon execution, VMTEMP.TMP is written to the local temporary directory, for example:

C:\DOCUMENTS AND SETTINGS\USER\LOCAL
SETTINGS\TEMP\VMTEMP.TMP (387,133 bytes)
When this file is executed the following Registry key is added:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\RunOnce "*(filename)"
Two DLLs are also installed to the victim machine, both 86,016 bytes in size. The filename used is random, but a .DAT file extension is used. For example:

TMW.DAT (86,016 bytes)
The following CLSIDs are added for these DLLs:

HKEY_CLASSES_ROOT\CLSID\
{8109AF33-6949-4833-8881-43DCC232B7B2}
HKEY_CLASSES_ROOT\CLSID\
{2316230A-C89C-4BCC-95C2-66659AC7A775}
The DLLs may be installed as Browser Helper Objects (BHOs) on the victim machine via the following keys:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Explorer\Browser Helper Objects\
{8109AF33-6949-4833-8881-43DCC232B7B2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Explorer\Browser Helper Objects\
{2316230A-C89C-4BCC-95C2-66659AC7A775}
The following keys are also added:

HKEY_CLASSES_ROOT\ATLEvents.ATLEvents
HKEY_CLASSES_ROOT\ATLEvents.ATLEvents.1
Various data is then sent to a remote server (via HTTP). This includes:

version information
crash history
affiliate ID
One of the DLLs (actually uses .DAT file extension) is loaded within the legitimate EXPLORER.EXE process, which may lead to misleading alerts from any software firewall when the remote connections are initiated.

Indications of Infection
Existence of Registry keys details above.
Outgoing traffic to following remote server:
virtumonde.com

Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial. Distribution channels include IRC, peer-to-peer networks, newsgroup postings, etc

Removal Instructions
All Users :
Use current engine and DAT files for detection and removal.

Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).

Additional Windows ME/XP removal considerations

Aliases
Adware.VirtuMonde (Symantec), Troj/AgentSpy-A (Sophos)Current Threats Add to Your Site
Virus Advisory
W32/Sober.j@MM is a Medium Risk worm.
Virus Advisory
W32/Mydoom.ah@mm is a Medium Risk virus.
Virus Advisory
W32/Bagle.bd@MM is a Medium Risk worm.
Virus Search

Free Virus News More


Related Links
Security News Network Online Guide for Parents Help with Removing a Virus Report a Virus Anti-Virus Tips Report Suspicious Activity eSecurity News Archives We also recommend...

Keep your PC safe. Automatically checks for virus updates, so your protection stays up-to-date.

Now what the fuck do I do.

Hotlegs said:

What is OS? (forgive me) ~Clueless~

I don't mind wiping my hard drive clean, how do I go about?

Freespirit said:

althom said:

Allistair, now is not the time.

Freespirit said:

Ok! Do you have Nortons Systems Work?

althom said:

I don't have a damn thing, that is why I want to know what direction to go... there are so many softwares (I don't mind paying for) if it is what I need. Or... should I just clean out my system and seemingly start fresh. I could use a fresh start right about now in more ways than one.

I could use a beer.

... now's the time.

~I'm a geek~

If you have a walmart near you, you can get norton from there, if ya don't want to download.


If you wanna wipe your harddrive and start over, make sure you have a copy of the OS (operating system) on disc, otherwise you won't be able to do anything after you.

Like I mentioned before, if your computer came with any sort of 'recovery disc', your best bet would be to use it. It'll wipe your harddrive, *and* re-install everything, so you won't have to deal with it.

Freespirit said:

Well.....Norton's Systems Work has everything on it to fix any problems with the computer as well as having a anti virus check on it. It will scan all your emails and look after the computer for you.
You might need to take your computer into get fixed first though.....then get this loaded onto it.

If you run a good Antivirus program (with the latest updates installed), it should be able to remove most of the viruses on your system. Also scan your computer with a program like AdAware or Spybot, to get rid of any spyware or adware the antivirus program overlooked.

Some viruses and spyware are stubborn and will continue to reinstall themselves after you remove them and reboot. In this case, when you go to do a scan again, you will see them show up once again.

When this happens, jot down the names of them, and do a search on google for how to manually remove them.

It's not that hard, and the instructions are usually written out very explicitly.

You can check to see what programs load up each time you start your computer and disable ones you do not need or those that seem suspicious. From your Start menu, choose Run, and type "msconfig" then hit OK. Choose "Selective Startup" then click the Startup tab, and remove the check marks from anything you don't need. If you aren't sure what each one does, do a search on Google for each file name, or pay attention to the file path listed next to it, and you can usually figure out what program it belongs to. When you're done, you will be prompted to reboot for the changes to take effect.

Also, if your computer starts running real slow, hit Control + Alt + Delete and click on the Processes tab. This will list all the programs currently running on your computer, and you can see which ones are consuming the most memory. Jot down the names of the ones that are hogging up a ton of memory, and do a google search on them to see what they are. If its something you are sure you don't need, just select it and click "End Task". You may also have to go back to the Sytem Configuration Utility and remove it from the list of startup items as well, so it doesnt come back next time you reboot.

most of my softare that came with the computer is for Win98, I am now running on Windows XP.

...

I am on phone right now, I will come back to read all this in a sec.

Thank you.

Nikster said:

Can you call me?

~Smile.

Nikster said:

I'm not aware of any viruses that are transmitted by image files, which are simply viewed, not run like an executable file. But I could be wrong... ever since switching to a Mac, I really haven't needed to worry about viruses.

Freespirit said:

Umm...if I had access to a phone

I added you to my yahoo tho

matt said:

Yep, unfortunately, there is a glitch that can now allow viruses to be embedded in images. It's called something like "GDI Exploit" or something like that...

Freespirit said:

You should really try and remove the viruses first before reformatting. After you reformat, you will have to reinstall all the software you need on your computer, not to mention run all the windows updates all over again, all the antivirus updates, etc. If you are on dialup that will take ages.

There is a lot of valuable information here for a rookie like me, printing it up. So... if I vanish from cyberspace and can't be found... you can guess... I literally fudged my computer up.

I need to run to the grocery store for some last minute items for tomorrow... I doubt if I will tackle this computer issue tonight, or maybe I will (later).

Ugh!

Best wishes all and thank for the information.

...perhaps my next computer will be a Mac.

~Smile.

Or maybe I will just move away to isolation, live off the land... meet the perfect creative/spiritual soul, write a book and teach all the mountain children. Yes, sounds good to me.

No computer is needed.