Computer help forum: virus attack

Your mention of trojans leads to all sorts or possibilities for malware.. And because you mention that it won't start correctly because of the fake message at startup, you'll need to create a bootdisc scanner which should clean out much of that junk BEFORE startup.

On separate clean computer, download the free Avira Rescue Disc program and create a bootable rescue disc using the instructions below. Once that's done, boot the computer using the Rescue disc and make sure to select the option to "Rename files" per the instructions, then run the scan using the disc.. You don't need to login to your computer as the rescue disc will run "outside" of Windows.

Avira AntiVir Rescue System

After the disc is created, follow these instructions to run it:

Tutorial for Avira Rescue CD

After running the scan using the tool above, reboot the computer and install your favorite removal tool.. If that doesn't get it done, then follow the rest of the instructions in the link below to run "rkill" and using Malwarebytes and SuperAntispyware to clean things up.


Download ALL of the tools below on a separate, CLEAN computer and copy them to a CD or flash drive, then transfer them to the problem machine. (If you can download the tools on the problem machine, fine, but many times the infection will not allow you to download files correctly.)

First, please download and run the following tool to help allow the removal programs below to run. (courtesy of Grinler at BleepingComputer.com)
There are 4 different versions. If one of them won't run then try to run the other one.
Vista and Win7 users need to right click and choose Run as Admin
You only need to get one of them to run, not all of them.

Rkill.exe http://download.bleepingcomputer.com/grinler/rkill.exe
Rkill.com http://download.bleepingcomputer.com/grinler/rkill.com
Rkill.scr http://download.bleepingcomputer.com/grinler/rkill.scr
Rkill.pif http://download.bleepingcomputer.com/grinler/rkill.pif
_____________________

IMMEDIATELY after running the "Rkill" tool above, run/install the Malwarebytes and SuperAntispyware installer and update files from the links below which you've also copied to a CD or flash drive, and transfered to the problem machine. Do NOT restart the computer after running Rkill.

Once downloaded and before transferring Malwarebytes and SuperAntispyware to the problem machine, rename the program installer "mbam-setup.exe" file to something else like "Gogetum.exe", then copy the installer file and the update file to a CD or flash drive.. Transfer the file to the problem machine, then install the "Gogetum.exe" file, then run the update to get the program current.. After that, run a full system scan and delete anything it finds.

Malwarebytes Installer Download Link (Clicking on the links below will immediately start the download dialogue window.)
http://www.besttechie.net/tools/mbam-setup.exe

Malwarebytes Manual Updater link
http://www.malwarebytes.org/mbam/database/mbam-rules.exe

Next, install and run a full system scan with the SuperAntispyware program and the manual updater from the links below. As before, you may need to rename the installer file to get the program to install.:

SuperAntispyware
http://www.superantispyware.com/

SuperAntispyware Manual Updater
http://www.superantispyware.com/definitions.html
____________

In a few situations, in order for the program to run, it was also necessary to rename the main "mbam.exe" file also after installing it.. It resides in the C:\Programs Files\Malwarebytes Antimalware folder....
_____________________

Hope this helps.

Grif

hi , edward and grif, well thanks for the replies. i shall go through all the links and tutorials and shall get my sister to watch them too..as for her computer, we had to re-install the windows on it and then we went ahead and installed some antivirus software before using it any further..hopefully a cautious approach should prevent future problems..thanks anyways..bye.