TechSpot

Really determined virus

By 5aq1b
Sep 28, 2009
  1. Hi

    I have someone elses laptop to fix as it's somehow obtained a virus. Upon login to vista, an IE window opens up taking me to a auction site called POPEO and also a fake AV is installed called Alpha Antivirus.

    I have a problem, i'm unable to install or run Malware Antibytes, HT, or Super Anti Spyware. Double clicking does nothing and it doesnt even show in the running processes, same goes for within Safe mode!

    So what do I do!?
     
  2. almcneil

    almcneil TS Guru Posts: 1,277

    First, it's spyware not virus. Most persons get this wrong. Viruses typically disable your computer. Spyware has some kind of business intend that can interfere with your computer's performance. You have symptoms of the latter.

    Open MS System Configuration Utility and deselect any obvious spyware programs.

    Start -> Run -> msconfig -> Startup

    If you see anything in the list that resembles the programs causing you grief, remove the checkmark. Then restart.

    Repost with results.

    -- Andy
     
  3. 5aq1b

    5aq1b TS Rookie Topic Starter Posts: 63

    Thanks, i forgot to add that i already did this too and at startup I have running:

    Synaptics pointing device driver
    Mobile me
    Ssbkgupdate (nuance communications)
    Omnipage (nuance communications)
    Cnslmain.exe
    Canon my printer
    Hd audio control panel
    Logmein
    Eset smart security
    Microsoft windows operating system (ehtray.exe)
    SQL server

    Also, a NOD32 scan is running right now and has found alpha AV in its log but it says it will require a restart to delete but I know that it will not delete it after restart. The Nod32 scan didn't work in Safe model
     
  4. Jawshh

    Jawshh TS Enthusiast Posts: 392

    post HJT log
     
  5. 5aq1b

    5aq1b TS Rookie Topic Starter Posts: 63

    thanks but my original post states that I can install HJT in normal mode or in safe mode
     
  6. Jawshh

    Jawshh TS Enthusiast Posts: 392

  7. 5aq1b

    5aq1b TS Rookie Topic Starter Posts: 63

    thanks, the combofix log is attached below:
     
  8. 5aq1b

    5aq1b TS Rookie Topic Starter Posts: 63

    And heres the HJT Log:

    i've also managed to install malware antibytes now and that is running also.
     
  9. Jawshh

    Jawshh TS Enthusiast Posts: 392

  10. 5aq1b

    5aq1b TS Rookie Topic Starter Posts: 63

    thanks ill let u know how i get on
     
  11. 5aq1b

    5aq1b TS Rookie Topic Starter Posts: 63

    cheers guys it does appear im virus free however i think its screwed my network adapters up. I have no net access and when in device manager, the LAN and WIFI adapters have this in the device status:

    Windows cannot start this hardware because its configuration (in the registry) is incomplete or damaged (Code 19)

    DAYUUMN!!!!
     
  12. Jawshh

    Jawshh TS Enthusiast Posts: 392

    You just need to reinstall the drivers. If you need help with that, let me kno the mobo brand or card's brand.
     
  13. 5aq1b

    5aq1b TS Rookie Topic Starter Posts: 63

    thanks im having no luck with this though, please do help. This is my device manager:

    [​IMG]
     
  14. Jawshh

    Jawshh TS Enthusiast Posts: 392

    Uninstalling all these adapters. What laptop is it?
     
  15. 5aq1b

    5aq1b TS Rookie Topic Starter Posts: 63

    A bloody Advent laptop lol
     
  16. Jawshh

    Jawshh TS Enthusiast Posts: 392

    ok. but I need the model number too.
     
  17. 5aq1b

    5aq1b TS Rookie Topic Starter Posts: 63

    advent 9112 mate
     
  18. Jawshh

    Jawshh TS Enthusiast Posts: 392

  19. 5aq1b

    5aq1b TS Rookie Topic Starter Posts: 63

    Thanks for all your help i'm all sorted now. Much appreciated
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...