1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Need help locating a virus

Discussion in 'Virus & Other Malware Removal' started by cookingguy, Jan 23, 2006.

Thread Status:
Not open for further replies.
  1. cookingguy

    cookingguy Thread Starter

    Mar 6, 2004
    ok this is what i have and what is going on... i have a dell inspiron 1000 with xp sp2...
    theres a virus on it and i cant locate it, the virus is sending out emails and wont let me change the desktop propertys (background) i have ran nortons, kaspersky lab and avwin anti virus in both normal and safe mode... it found some virus's and delted them, in both normal and safe mode.. hijack this found a few things i fixed them... im still having the same problem.. .the computer didnt have any anti virus on it, now it has nortons systemworks 2004 and nortons firewall... and its still trying to send out emails every now and than... but i still cant change the desktop background display...

    any thoughts on where to look and what to do to fix this.. i even went to MS website and did a live scan thru them... it found nothing.....

    thanks for any help or advice

  2. cookingguy

    cookingguy Thread Starter

    Mar 6, 2004
    ive even tried doing a system restore on the computer and it wouldnt let me do one..

    thanks again
  3. MFDnNC


    Sep 7, 2004
    * Click here to download smitRem.exe.
    • Save the file to your desktop.
    • It is a self extracting file.
    • Doubleclick the smitRem.exe and it will extract the files to a smitRem folder on your desktop.
    • Do not do anything with it yet. You will run the RunThis.bat file later in safe mode.

    * Download the trial version of Ewido Security Suite here.
    • Install ewido.
    • During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
    • Launch ewido
    • It will prompt you to update click the OK button and it will go to the main screen
    • On the left side of the main screen click update
    • Click on Start and let it update.
    • DO NOT run a scan yet. You will do that later in safe mode.

    * Click here for info on how to boot to safe mode if you don't already know how.

    * Now copy these instructions to notepad and save them to your desktop. You will need them to refer to in safe mode.

    * Restart your computer into safe mode now. Perform the following steps in safe mode:

    * Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
    Wait for the tool to complete and disk cleanup to finish.

    * Run Ewido:
    • Click on scanner
    • Click Complete System Scan and the scan will begin.
    • During the scan it will prompt you to clean files, click OK
    • When the scan is finished, look at the bottom of the screen and click the Save report button.
    • Save the report to your desktop

    * Go to Control Panel > Internet Options. Click on the Programs tab then click the "Reset Web Settings" button. Click Apply then OK.

    * Next go to Control Panel > Display. Click on the "Desktop" tab then click the "Customize Desktop" button. Click on the "Web" tab. Under "Web Pages" you should see an entry checked called something like "Security info" or similar. If it is there, select that entry and click the "Delete" button. Click OK then Apply and OK.

    * Restart back into Windows normally now.

    * Run ActiveScan online virus scan here

    When the scan is finished, anything that it cannot clean have it delete it. Make a note of the file location of anything that cannot be deleted so you can delete it yourself.
    - Save the results from the scan!

    Post a new HiJackThis log along with the results from ActiveScan
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/436622

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice