Announcement

Collapse
No announcement yet.

Stupid Worm!!!

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Stupid Worm!!!

    I don't know if this is the right place or not...but I am going to ask for some advice anyway.

    The wireless internet here SUCKS! I somehow got a worm via "I have no freaking idea", and I can't get rid of it. Every time that I scan it with McAfees it says it quarantined it, but it doesn't and crashes my laptop. Every time that I scan it with Avast!, it says it has to scan it in reboot mode because it is in my system memory. So I let it reboot and scan, but it does nothing!

    It disables my firewalls and sucks my bandwidth something fierce. A friend of mine says that my best bet would be to re-format my computer. I don't really want to, is there some other way?
    "Dirtboy is super awesome, and chicks dig him too!"- Everyone




  • #2
    Re: Stupid Worm!!!

    Before you reformat, do this:

    1) Install Avast/AntiVir/some AV program to a removable flash drive. Afterwards, unplug the flash drive.

    2) Unplug/disable your wireless card.

    3) Reboot your computer and enter Safe Mode without Networking

    4) Scan your system using the AV program installed to the flash drive.

    Come back and tell us if you had any luck.
    |TG-18th| Acreo Aeneas
    TG World of Tanks Clan Executive Officer
    Former 9th & 13th

    Pronounciation: Eh-Cree-Oh Ah-Nay-Ess
    Still can't say it? Call me Acorn then. -.-





    SSDs I Own: Kingston HyperX 3K (240 GB), Samsung 840 Pro (256 GB), Samsung 840 EVO (250 GB), Samsung 840 x 2 (120 GB), Plextor M5S (120 GB), OCZ Vertex (30 GB)

    TG Primer and Rules

    Comment


    • #3
      Re: Stupid Worm!!!

      first what is the worm called? get me that and i can do alot more.
      that sounds like a good idea trooper.
      -Vulcan

      Comment


      • #4
        Re: Stupid Worm!!!

        @ Acreo

        I tried that yesterday and it still came up with the same results. It must restart the computer so it can scan it during the reboot.

        @ Trooper.

        I don't know what it is called, but I think it is ndetect.exe, file.bat, gcc.exe. Here are the system drivers that seem to be causing all the headaches.

        1. b7fc18e7.sys
        2. e9672d85.sys


        It seems like it attacks my WINDOWS/Systems32 and drivers alot. Also, I am looking at my avast on board mail scanner and it is doing some wierd things. It seems to be scanning spam mail...hmm.
        "Dirtboy is super awesome, and chicks dig him too!"- Everyone



        Comment


        • #5
          Re: Stupid Worm!!!

          Originally posted by Dirtboy View Post
          @ Acreo

          I tried that yesterday and it still came up with the same results. It must restart the computer so it can scan it during the reboot.

          @ Trooper.

          I don't know what it is called, but I think it is ndetect.exe, file.bat, gcc.exe. Here are the system drivers that seem to be causing all the headaches.

          1. b7fc18e7.sys
          2. e9672d85.sys


          It seems like it attacks my WINDOWS/Systems32 and drivers alot. Also, I am looking at my avast on board mail scanner and it is doing some wierd things. It seems to be scanning spam mail...hmm.


          sounds like a version of the sasser virus. Let me do some searching to find my old tools for removal.
          that sounds like a good idea trooper.
          -Vulcan

          Comment


          • #6
            Re: Stupid Worm!!!

            http://www.bleepingcomputer.com/comb...o-use-combofix

            Very good at removing viruses that use randomly named regenerating .sys files. small chance that it'll delete a necessary windows file and force a repair install so I don't suggest just anybody uses it. Can be run from safe mode. Just copy to desktop and run it and let it do it's thing.

            If you're only other option appears to be a reformat, it's worth a go.

            If the virus won't let it run (some disable it specifically) just rename the file to something like Installer.exe and restart. That usually is enough to bypass it.
            a.k.a. NinjaPirateAssassin
            Celibacy is not Hereditary.
            Everybody should believe in something - I believe I'll have another drink.
            Happiness is like wetting your pants, everyone can see it but only you can feel the warmth.
            Flying is easy, Just throw yourself at the ground and miss!

            Comment

            Connect

            Collapse

            TeamSpeak 3 Server

            Collapse

            Advertisement

            Collapse

            Twitter Feed

            Collapse

            Working...
            X