Virus/spyware/hijack blah blah blah what do I do | FerrariChat


Discussion in 'Technology' started by 1_can_dream, Dec 18, 2008.


  1. 1_can_dream

    1_can_dream F1 Veteran

    Jan 7, 2006
    8,051
    Colorado
    Full Name:
    Kyle
    So one of those cute little ads popped up on my desktop that looks exactly like a McAfee warning saying I had a file that was infected, and by instinct I clicked the "fix it" button. Unfortunately I didn't realize until after that it wasn't the McAfee software, it was an internet pop-up. So now I have some sort of virus on my computer that I can't fix. What do I do?

    Initial symptoms:

    internet search engines were being redirected to random websites, or more fake anti-virus programs

    Currently:

    Cannot run or install any anti-virus software even if it's loaded under a different filename off a thumbdrive downloaded from a separate computer
    Explorer does not start when booted up
    Cannot open task manager when booted up
    Cannot boot in safe mode


    At this point I'm ready to just wipe the drive and re-install windows, the only catch is I need to get the address book from outlook before I do that. Any ideas on how I can go about that?
     
  2. daviddavid

    daviddavid Formula Junior

    May 17, 2005
    306
    Can you open Outlook?

    If you can just go to Tools and Address Book, Select All and drag them across to a new file on a memory stick. I used to do this but I haven't used Outlook since the dark ages. They will appear as yellow envelopes in your file.

    Best to reload if the computer has the feature. You can save all your docs 1st. Reload only takes 10 mins and the computer will regain its speed. I reload every 8 months or so just for that.

    You can also drag your inbox, sent, etc emails across to a file and put them back when reloaded. From memory they are white envelopes.
     
  3. Wade

    Wade Three Time F1 World Champ
    Owner

    Mar 31, 2006
    32,793
    East Central, FL
    Full Name:
    Wade O.
    #3 Wade, Dec 18, 2008
    Last edited: Dec 18, 2008
    Can't reboot into safe mode? Now that's ugly.

    To recover/copy your email find your Outlook PST file and copy it to a thumb drive (search for *.pst). Make sure you uncheck the hidden files for the search. You can import it after the computer is fixed (or to another machine).

    Is it a PC or a laptop? If you need to reformat...

    Option 1 - ATA Hard Drives: Install a new hard drive (remove the old one) and load the O/S and apps on it. Then shut down, connect your old HD to the CD/DVD cable (ribbon and power), boot up and you'll see two drives (primary and secondary). Then copy all of your stuff to the new HD.

    Option 2 - SATA Hard Drives: Basically the same but you might have to do the Master/Slave for the two HDs instead of connecting to the DVD cable. Make sure you get a SATA cable with the new HD if you don't already have a spare inside the box.

    After you've copied from old to new, reformat the old HD and use it for file storage afterwards, you'll save a lot of trouble in the future. Also, consider redirecting your "My Documents" and Outlook's data storage to the secondary HD as well.

    If you're using a laptop, then, well, there are 20 other options to consider... ;)

    http://www.geeks.com/techtips/2005/techtips-010605.htm
     
  4. fjb

    fjb Formula Junior
    Rossa Subscribed

    Nov 12, 2006
    743
    Full Name:
    UNK
    Get a copy of Malwarebytes download using another computer
    run Malwarebytes from thumb drive
    reboot run it again.
    If you can run this program
    This should fix it

    worked for me with a bad trojan
     
  5. 1_can_dream

    1_can_dream F1 Veteran

    Jan 7, 2006
    8,051
    Colorado
    Full Name:
    Kyle
    I've tried using Malwarebytes from a thumb drive; unfortunately I can't even access the thumb drive when I try and boot the computer up. Next step is to just try and recover the files using the drive as a slave before wiping the drive and reinstalling Windows. Now the question is whether or not to do it myself or just save the hassle and pay a repair shop to do the dirty work.
     
  6. Asian1118

    Asian1118 F1 Rookie

    Mar 23, 2005
    3,834
    Shelby twp
    Full Name:
    James
    WAIT:
    I just fixed my friend's computer from this same problem. Fortunately I was able to use Malwarebytes to knock it out, but wait, there's more :)

    Make a boot cd using this:
    http://www.nu2.nu/pebuilder/

    Install the program with the cd, boot from it, run scan, clean house.

    If you have an extra thumb drive, install it onto a thumb drive and make it bootable. It's a great thing to have if this ever happens again.
     
  7. SPEEDCORE

    SPEEDCORE Four Time F1 World Champ

    Jul 11, 2005
    46,182
    Full Name:
    Toe Knee
    Yep, as Asian1118 mentions, the only sure way of fixing this issue without the need of formatting is using a CD boot disk which has apps on it that can scan the HDD at a low level. Make sure you go to the BIOS to change settings to allow the CD to boot 1st. (Should double-check to make sure this isn't the reason the thumb drives aren't working before Windows.)

    A few of the antivirus companies provide such boot disks for free.
    http://dnl-eu10.kaspersky-labs.com/devbuilds/RescueDisk/ 100mb~
    http://download.bitdefender.com/rescue_cd/BitDefenderRescueCD_v2.0.0_07_08_2008.iso 450mb, though this one is a bit more hardcore as it loads much like a Linux live CD so you can do def updates and also detect rootkits etc.
    http://www.f-secure.com/linux-weblog/files/f-secure-rescue-cd-release-3.00.zip 150mb
    http://trinityhome.org/Home/index.php?wpid=107&title= provides 4 diff AV apps. Live CD.




    Unless the registry is corrupt or it's a rootkit, you shouldn't need to format.
    Good luck.
    Also, once you are clean, install the Comodo Firewall with Proactive Defence so in the future if this happens again Comodo alerts you before the trojan gets a chance to execute or inject DLLs.
     
  8. atomstrange

    atomstrange Formula Junior

    Jun 3, 2005
    856
    Lenexa KS
    Full Name:
    Nathan
    Combofix.exe
     
  9. 1_can_dream

    1_can_dream F1 Veteran

    Jan 7, 2006
    8,051
    Colorado
    Full Name:
    Kyle
    Thanks guys, created the Kaspersky boot CD and used that to get rid of the real bad stuff. After that I was finally able to load Malwarebytes and get rid of the rest of it. The computer is back up and running and even a bit faster than before.
     
  10. cove26

    cove26 Formula 3

    Nov 13, 2007
    1,135
    CT
    Full Name:
    Mike
    How do you make a boot cd??
     
  11. the_stig

    the_stig F1 Rookie

    Sep 19, 2005
    3,497
    If you are talking about making a boot disk from one of the links in this thread such as Kaspersky or BitDefender then all you need to do is burn the iso image to a blank CD. The key here is burning it as an image file - not opening the iso and copying the contents to a CD - that will leave you with the files on a CD that won't boot. The exact methods will vary depending on your burning software but in Nero for example you cancel the wizard that normally runs when you open the program and go to "recorder" and then "burn image" from the top menu.

    If you are talking about making some disk containing a collection of individual files such as utility programs bootable then there is more to it. Plenty of articles on the web about it but you would need a boot.img file and possibly some system files from your operating system as a starting point. Much easier to use something that already exists and there are several very good collections of utilities out there that are bootable once you burn the iso to disk.
     
  12. ProRallyCodriver

    ProRallyCodriver Formula 3

    Oct 25, 2005
    1,250
    Alexandria, VA
    Full Name:
    Dave Shindle
    I've found that quitting surfing teen porn sites helps. And I can type faster with both hands too.
     
  13. teak360

    teak360 F1 World Champ

    Nov 3, 2003
    10,065
    Boulder, CO
    Full Name:
    Scott
    Good suggestion, I just used it to get rid of trojan.buzus that has been haunting one of the laptops.
     
  14. 1_can_dream

    1_can_dream F1 Veteran

    Jan 7, 2006
    8,051
    Colorado
    Full Name:
    Kyle
    Update, ended up reinstalling Windows :)
     
  15. buttons

    buttons Rookie

    Jan 2, 2009
    26
    Grand Rapids
    Full Name:
    David
    Did you reimage the computer or format the drive to reinstall Windows? Sometimes those viruses can hide in the System Restore data -- just reinstalling Windows doesn't always cure the problem. A reimage should wipe the drive clean and put you back to a clean slate.
     
  16. 1_can_dream

    1_can_dream F1 Veteran

    Jan 7, 2006
    8,051
    Colorado
    Full Name:
    Kyle
    I erased the entire HD and reinstalled Windows completely, didn't use the Windows reinstall program.
     
  17. Skipatek

    Skipatek Rookie

    Aug 21, 2005
    12
    Also try AppRanger. www.appranger.com

    Cleans very well and prevents infections even if you click on an infected link.
     
  18. the_stig

    the_stig F1 Rookie

    Sep 19, 2005
    3,497
    Looks interesting but I'm always a little leery of companies with little or no contact information - in this case there is no physical address provided and the telephone and site ownership comes back as a residential address.
     
  19. Skipatek

    Skipatek Rookie

    Aug 21, 2005
    12
    Small company!?

    Anyway it cleans for free and does a very good job. A good and free resource for anyone going through the pain of an infected computer.

    Has decent testimonials from customers pointing to legit sites.
     
  20. fastback33

    fastback33 Formula 3

    Mar 8, 2004
    1,851
    I had a virus, and was able to get rid of some of it through Task Manager, but whenever I start up my laptop I get this .dll error (can't remember the actual name of it). How can I get rid of this?
     
  21. djui5

    djui5 F1 Veteran

    Aug 9, 2006
    5,418
    Phoenix, Arizona
    What is the error? That would help :)
     
  22. fastback33

    fastback33 Formula 3

    Mar 8, 2004
    1,851
    It is Pgoqs(eveb).dll, I think. I am not sure about the part in parentheses, I will post the actual one tomorrow. But the Pgoq part is correct.
     
  23. fastback33

    fastback33 Formula 3

    Mar 8, 2004
    1,851
    Bah, so it's been a couple of days, I meant to post this a long time ago.

    Here is the error I keep getting whenever my computer starts up:

    C:\WINDOWS\Pgoqesebeva.dll

    With the text: "The specified module could not be found."

    Any ideas on how I get rid of this?
     
  24. Skipatek

    Skipatek Rookie

    Aug 21, 2005
    12
    You can search for Pgoqesebeva.dll in the registry and delete that key. It may work if your PC does not have any more viruses.

    Or, run a scan with AppRanger. After the scan finishes, look for "Pgoqesebeva.dll" in the "Unclassified" tabs. Delete it and reboot the PC. If the problem does not go away, PM me.
     
  25. the_stig

    the_stig F1 Rookie

    Sep 19, 2005
    3,497
    "Start" - "Run" type "regedit" (with no quotes) when regedit opens find "HKEY_LOCAL_MACHINE" and expand it then find SOFTWARE then MICROSOFT then WINDOWS then CURRENT VERSION then RUN. Once you are in the RUN section you should see a line in the panel on the right referencing Pgoqesebeva.dll. Highlight the entire line and delete it.
     
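An added example, not part of any post in this thread: a PowerShell audit of the Run key described in the last reply. It lists every autostart value and marks the ones whose target file no longer exists, which is the situation behind a startup "The specified module could not be found" message. It goes slightly beyond the post by also reading the per-user HKCU Run key; the function names are hypothetical, and treating a DLL entry as a rundll32 argument is an assumption about how such values are usually written.

```powershell
# Added example (not from the thread): audit Run-key autostart entries and
# flag those whose target file no longer exists on disk. Read-only.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
)

function Get-AutostartTarget {
    # Hypothetical helper: pull the file path out of a Run-key command line.
    param([string]$Command)
    $cmd = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    # rundll32 entries (assumed form): the DLL is the first argument, up to the comma.
    if ($cmd -match 'rundll32(?:\.exe)?"?\s+"?([^",]+)') { return $Matches[1].Trim() }
    # Quoted executable path.
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }
    # Unquoted path that may contain spaces: cut after the first known extension.
    if ($cmd -match '^(.+?\.(?:exe|dll|bat|cmd|com|scr|vbs))(?:\s|$)') { return $Matches[1] }
    return ($cmd -split '\s+')[0]
}

function Get-RunKeyAudit {
    foreach ($keyPath in $runKeys) {
        if (-not (Test-Path -Path $keyPath)) { continue }
        $key = Get-Item -Path $keyPath
        foreach ($name in $key.GetValueNames()) {
            $command = [string]$key.GetValue($name)
            $target  = Get-AutostartTarget -Command $command
            if (-not $target) { continue }
            # Bare names such as "ctfmon.exe" are resolved through PATH.
            if ($target -notmatch '^(?:[A-Za-z]:\\|\\\\)') {
                $found = Get-Command -Name $target -CommandType Application `
                    -ErrorAction SilentlyContinue | Select-Object -First 1
                if ($found) { $target = $found.Path }
            }
            [pscustomobject]@{
                Key     = $keyPath
                Name    = $name
                Command = $command
                Target  = $target
                Missing = -not (Test-Path -LiteralPath $target -PathType Leaf)
            }
        }
    }
}

# Entries with Missing = True are leftovers pointing at a file that is gone.
# After reviewing one, it can be removed with:
#   Remove-ItemProperty -Path <Key> -Name <Name>
Get-RunKeyAudit | Sort-Object Missing -Descending | Format-Table -AutoSize -Wrap
```

A value that is flagged as missing is only a dangling reference; an entry whose target still exists but is unfamiliar deserves a scan of that file before anything is deleted.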
