Cosmic
ComNet Lord
[VE-ARMY] Major General
[VE-DJO] Krath Prophet(ess)
[VE-VEEC] Chief Editor
Post Number: 4891
Total Posts: 7772
Joined: Sep 2000
Status: Offline
|
Virus Advice
|
|
October 15, 2006
4:45:28 PM
|
|
I got a virus last night in the form of a "codec update". I downloaded the update and eventually ended up with a virus that had a blinking icon on my taskbar that stated "critical system error" and kept trying to get me to download something called Virus Buster or something.
I uninstalled it, removed all folders that I could find, cleared my cache, history, cookies, temporary internet files, had a disk cleanup and made a full system scan twice (first time it caught and quarantined 3 files that were posed as "risk" and the second scan revealed no viruses or threats).
During the installation, a new folder appeared the My Computer category. I have a folder titled My Documents, but a new folder within My Computer entitled "My name's Documents" was created, and it is an exact replica of My Documents. I cannot delete the folder as a hole. Since I removed the viruses, that folder still remains, and now I get periodic popups/advertisements stating that a trojan of some sort was detected on my system, and that I should download their security updates or software. I'm also getting some porno page popping up, and it's starting to really piss me off.
Any suggestions would be greatful. I have already sent in a support ticket to Symantec with the description of my problems, so I'm hoping to hear from them... whenever. -----------------------
Cleric "Cosmic" Vor'soth
CoT/MG Cosmic/HCA-3/SL/Drill Squad/Tadath/VEA/VE
[OPE][OTH][OPA][EW1][CDS][IH][GS][LM][SoS][CRoM][CoH][PoC][MSM][SCP][SoA][IOC]
-----------------------
Cleric "Cosmic" Vor'soth
SL/KPR Cosmic/Lion 1-1/Lopen/VEDJ/VE
[VP][WoS2][KC1][SoY][EoP][OAK]
----------------------- |
Garet Daimun
ComNet Member
[VE-ARMY] Gunnery Sergeant
Post Number: 930
Total Posts: 1348
Joined: Aug 2005
Status: Offline
|
RE: Virus Advice
|
|
October 15, 2006
5:04:43 PM
|
|
Codec update for what? -----------------------
Jester Squad
+ Advance Recon Commandos {ARC} +
SL/GSG Garet Daimun/1SQD/2PLT/1COM/1RGT/1BAT/Tadath/VEA [ES2C] [IH]
Life is for the strong, to be lived by the strong, and, if needs be, taken by the strong. The weak of the world were put here to give the strong pleasure. I am strong. Why should I not use my gift?
-Zaroff, Most Dangerous Game |
Cosmic
ComNet Lord
[VE-ARMY] Major General
[VE-DJO] Krath Prophet(ess)
[VE-VEEC] Chief Editor
Post Number: 4892
Total Posts: 7772
Joined: Sep 2000
Status: Offline
|
RE: Virus Advice
|
|
October 15, 2006
6:02:28 PM
|
|
Windows Media Player I believe. -----------------------
Cleric "Cosmic" Vor'soth
CoT/MG Cosmic/HCA-3/SL/Drill Squad/Tadath/VEA/VE
[OPE][OTH][OPA][EW1][CDS][IH][GS][LM][SoS][CRoM][CoH][PoC][MSM][SCP][SoA][IOC]
-----------------------
Cleric "Cosmic" Vor'soth
SL/KPR Cosmic/Lion 1-1/Lopen/VEDJ/VE
[VP][WoS2][KC1][SoY][EoP][OAK]
----------------------- |
Cosmic
ComNet Lord
[VE-ARMY] Major General
[VE-DJO] Krath Prophet(ess)
[VE-VEEC] Chief Editor
Post Number: 4893
Total Posts: 7772
Joined: Sep 2000
Status: Offline
|
RE: Virus Advice
|
|
October 15, 2006
6:27:51 PM
|
|
Note: there is a folder in Program Files titled MMediaCodec that I can't delete due to it having an error come up saying "make sure the file is not in use". -----------------------
Cleric "Cosmic" Vor'soth
CoT/MG Cosmic/HCA-3/SL/Drill Squad/Tadath/VEA/VE
[OPE][OTH][OPA][EW1][CDS][IH][GS][LM][SoS][CRoM][CoH][PoC][MSM][SCP][SoA][IOC]
-----------------------
Cleric "Cosmic" Vor'soth
SL/KPR Cosmic/Lion 1-1/Lopen/VEDJ/VE
[VP][WoS2][KC1][SoY][EoP][OAK]
----------------------- |
Arturus
ComNet Expert
[VE-NAVY] 2nd Lieutenant
Post Number: 1543
Total Posts: 2143
Joined: Nov 2001
Status: Offline
|
RE: Virus Advice
|
|
October 15, 2006
7:23:43 PM
|
|
Reboot in safe mode and delete the files. When you are done, empty your recycling bin (duh) and run an anti-virus scan. -----------------------
WADJ, SPAC/2LT Corran "Arturus" Hargraves/SCR Doashim/VE/VEN/(=A=)(=SA=)(=*MA*=)(=JCPA=)(=SCPA=)[MC:1](x2)[SV][BRC][VC:B][CBV][GWC][LSM][LoC]
"The way of war is a way of deception. When able, feign inability; when deploying troops, appear not to be. When near, appear far; when far, appear near. Lure with bait; strike with chaos. If the enemy is full, be prepared. If strong, avoid him. If he is angry, disconcert him. If he is weak, stir him to pride. If he is relaxed, harry him; if his men are harmonious, split them. Attack where he is unprepared; appear where you are unexpected. This is victory in warfare; it cannot be divulged in advance. Victory belongs to the side that scores most in the temple calculations before battle. Most spells victory; least spells defeat; none, surer defeat. I see it in this way, and the outcome is apparent." -- Sun Tzu
"Ultimate excellence lies not in winning every battle but in defeating the enemy without ever fighting." -- Sun Tzu |
Cosmic
ComNet Lord
[VE-ARMY] Major General
[VE-DJO] Krath Prophet(ess)
[VE-VEEC] Chief Editor
Post Number: 4894
Total Posts: 7772
Joined: Sep 2000
Status: Offline
|
RE: Virus Advice
|
|
October 15, 2006
9:32:36 PM
|
|
Will the folder/files even be deleted in Safe Mode you think?
Also, with the folder replication of My Documents (entitled My Name's Documents), what do I do with that? I'm pretty sure I saw it pop up (being created) when those files were being installed.
I'm going to talk to Symantec too :P -----------------------
Cleric "Cosmic" Vor'soth
CoT/MG Cosmic/HCA-3/SL/Drill Squad/Tadath/VEA/VE
[OPE][OTH][OPA][EW1][CDS][IH][GS][LM][SoS][CRoM][CoH][PoC][MSM][SCP][SoA][IOC]
-----------------------
Cleric "Cosmic" Vor'soth
SL/KPR Cosmic/Lion 1-1/Lopen/VEDJ/VE
[VP][WoS2][KC1][SoY][EoP][OAK]
----------------------- |
Darr-Rann
ComNet Member
[VE-ARMY] Sergeant
[VE-VEEC] Reporter
Post Number: 930
Total Posts: 1587
Joined: May 2005
Status: Offline
|
RE: Virus Advice
|
|
October 16, 2006
9:40:52 AM
|
|
Get a second antiviral program - I recommend AVG Free Edition (google it). -----------------------
Raiders
SL/SGT_Darr-Rann/3SQD/1PLT/1COM/1RGT/1BAT/VEA/VE/Tadath [LoR][CoR]
|EXO/WO2_Demonic/Kaph 5/PheonixWing/mSSD Atrus/DEF/VEN/VE| (=*A*=)(=*SA*=)(VC:B)(MC2)(VEB)(DSM)[BWC]{O1}-=TOP PILOT=-
SERGEANT
WARRANT OFFICER, 2ND CLASS
Communications Technician
Part time Webmaster Guy
"DICTATOR DARR" |
Cosmic
ComNet Lord
[VE-ARMY] Major General
[VE-DJO] Krath Prophet(ess)
[VE-VEEC] Chief Editor
Post Number: 4896
Total Posts: 7772
Joined: Sep 2000
Status: Offline
|
RE: Virus Advice
|
|
October 16, 2006
11:17:51 AM
|
|
Forget the "My Name's Documents" thing. -----------------------
Cleric "Cosmic" Vor'soth
CoT/MG Cosmic/HCA-3/SL/Drill Squad/Tadath/VEA/VE
[OPE][OTH][OPA][EW1][CDS][IH][GS][LM][SoS][CRoM][CoH][PoC][MSM][SCP][SoA][IOC]
-----------------------
Cleric "Cosmic" Vor'soth
SL/KPR Cosmic/Lion 1-1/Lopen/VEDJ/VE
[VP][WoS2][KC1][SoY][EoP][OAK]
----------------------- |
Twin Blade
ComNet n00b
[VE-ARMY] Private
Post Number: 10
Total Posts: 100
Joined: Oct 2006
Status: Offline
|
RE: Virus Advice
|
|
October 16, 2006
11:49:13 AM
|
|
I also reccomend the AVG free edition. |
etan evnstar
ComNet n00b
[VE-NAVY] Crewman
Post Number: 8
Total Posts: 423
Joined: Oct 2006
Status: Offline
|
RE: Virus Advice
|
|
October 16, 2006
7:37:39 PM
|
|
Sorry, I am new here but, I too have the AVG free edition and it's great. It pretty much stops everything ever. -----------------------
Grammer, mechanics, punctuation, spelling, diction, effectiveness in the science, and larger elements are the facts at hand. |
Yillis
ComNet Member
[VE-ARMY] Corporal
[VE-VEEC] Gaming Reporter
Post Number: 720
Total Posts: 1598
Joined: Mar 2005
Status: Offline
|
RE: Virus Advice
|
|
October 16, 2006
8:48:50 PM
|
|
Avast! works for me -----------------------
Corporal Yillis
-=Wraith Squad=- -=TRP=-
TRP/CPL Yillis/4SQD/1PLT/1COM/1RGT/1BAT/VEA /VE /Tadath [LoR] [WM] [GS]
Rep/GameRep Yillis/GameRep: 6/Gaming Division/VET /VE |
Arturus
ComNet Expert
[VE-NAVY] 2nd Lieutenant
Post Number: 1544
Total Posts: 2143
Joined: Nov 2001
Status: Offline
|
RE: Virus Advice
|
|
October 17, 2006
6:37:59 PM
|
|
Cosmic in safe mood you can delete those files. Safe mode only boots up system critical files; you cannot use the internet and most of your files in safe mode. Symantec will tell you that any virus that creates prefetch files has to be dealt with through the safemode feature. If you can figure out what the virus is search symantec for their solution, print out the pages and follow the instructions. Sometiems it can take a while but you will fix it. If, as I suspect, it has created prefetch files then you definitely need to consult Symantc to get a list of windows registry changes to make. -----------------------
WADJ, SPAC/2LT Corran "Arturus" Hargraves/SCR Doashim/VE/VEN/(=A=)(=SA=)(=*MA*=)(=JCPA=)(=SCPA=)[MC:1](x2)[SV][BRC][VC:B][CBV][GWC][LSM][LoC]
"The way of war is a way of deception. When able, feign inability; when deploying troops, appear not to be. When near, appear far; when far, appear near. Lure with bait; strike with chaos. If the enemy is full, be prepared. If strong, avoid him. If he is angry, disconcert him. If he is weak, stir him to pride. If he is relaxed, harry him; if his men are harmonious, split them. Attack where he is unprepared; appear where you are unexpected. This is victory in warfare; it cannot be divulged in advance. Victory belongs to the side that scores most in the temple calculations before battle. Most spells victory; least spells defeat; none, surer defeat. I see it in this way, and the outcome is apparent." -- Sun Tzu
"Ultimate excellence lies not in winning every battle but in defeating the enemy without ever fighting." -- Sun Tzu |
Cosmic
ComNet Lord
[VE-ARMY] Major General
[VE-DJO] Krath Prophet(ess)
[VE-VEEC] Chief Editor
Post Number: 4918
Total Posts: 7772
Joined: Sep 2000
Status: Offline
|
RE: Virus Advice
|
|
October 21, 2006
2:15:17 AM
|
|
I got rid of it. After finding out that I couldn't use my System Restore (kept getting a message saying that it was unsuccessful... and finding out that a Virus can be capable of disrupting restore points, it finally came down to reinstalling my Norton Internet Security. It ran a full system scan, and this time actually found a higher-threat trojan: trojan.zlob. (and 2 other malicious trojan files). Anyway, all three were removed and am no longer having any trouble.
Whoop dee doo. -----------------------
Cleric "Cosmic" Vor'soth
CoT/MG Cosmic/HCA-3/SL/Drill Squad/Tadath/VEA/VE
[OPE][OTH][OPA][EW1][CDS][IH][GS][LM][SoS][CRoM][CoH][PoC][MSM][SCP][SoA][IOC]
-----------------------
Cleric "Cosmic" Vor'soth
SL/KPR Cosmic/Lion 1-1/Lopen/VEDJ/VE
[VP][WoS2][KC1][SoY][EoP][OAK]
----------------------- |
AlanRJ
ComNet Novice
[VE-ARMY] Private First Class
Post Number: 41
Total Posts: 1795
Joined: Aug 2006
Status: Offline
|
RE: Virus Advice
|
|
October 21, 2006
6:16:30 AM
|
|
|
Twin Blade
ComNet Novice
[VE-ARMY] Private First Class
Post Number: 50
Total Posts: 100
Joined: Oct 2006
Status: Offline
|
RE: Virus Advice
|
|
October 24, 2006
3:52:13 PM
|
|
wOOt, goodbye virus....XD -----------------------
~_^
TRP/PFC Twin Blade/2SQD/1PLT/1CMP/1REG/1BAT/Tadath/VEA |
|
