Hi guys,
As I told some of you, I had some strange problems with my PC so I tried to use an online anti-virus to see if there was something wrong with my PC. This is the web site I was trying to contact and was blocked by my PC (the virus was blocking it):
http://www.kaspersky.com/kos/eng/partner/default/languages/english/check.html?n=1226680184135
I tried to search the internet to find some information about it and found out that the problem was due to a program that hides itself from both the anti-virus and anti-spyware programs and it is installing itself on the PC via corrupt JPEG files through a stupid bug in Microsoft Windows that gives total control of the operating system to a routine inside the JPEG image if the image cause a line-data-over-run exeption (or something like it, I don’t remember exactly).
Then this is how I solved the problem by first closed all the applications including the anti-virus and anti-spyware that I had. Also, turned off all other un-necessary programs I was using (Ctrl-Alt-Delete and killed all the tasks I did not wanted to use, can be dangerous if you do not know what you are doing) then ran the Hijackthis.exe
http://www.majorgeeks.com/download3155.html
You can ask for experts on MajorGeeks or other online sites to help you get rid of the programs that load into memory on startup. Then download and run ComboFix, to make sure you will not have any problem, save the file as “Combo-Fix.exe” (exactly this) and no blocking virus or worm will be able to prevent it from running.
Download ComboFix from one of these locations:
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe )
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe )
Link 3 (http://subs.geekstogo.com/ComboFix.exe )
* IMPORTANT !!! Save ComboFix.exe to your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
For me, it took 3 re-boots to clean up my PC, so it may take one or 2 for most of you.
The PC was about 3 times faster after following these steps!
Here are some additional utilities that will enhance your safety
MVPS Hosts file (http://mvps.org/winhelp2002/hosts.htm) <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer. See also a hosts file tutorial here (http://malwareremoval.com/forum/viewtopic.php?t=22187)
GOOD LUCK!
No comments:
Post a Comment