Texas SOT

Lap Top Has Virus

    okie556

    Well-Known
    Rating - 0%
    0   0   0
    Feb 12, 2009
    1,378
    21
    Longview, TX
    This is actually called a hijacker. It holds your computer hostage while behaving as if you have an actual virus. They attempt to blackmail you into buying their 'antivirus program'. You can remove it, without losing anything. It takes about 15 minutes.

    No one could or would tell me how to remove without losing all my stuff. As stated before I had recently backed up so lost very little and all extra programs had install left on them. Hope it never happens again but if it does how does one go about removing??
     

    TrailDust

    TGT Addict
    Rating - 0%
    0   0   0
    Oct 29, 2009
    2,945
    21
    Kalifornication
    One thing you need to remember when removing any kind of malware on a Windows computer is to dump System Restore before beginning the removal process. If you don't do that the malware will reinstall itself and you're back to square one. Also, as a preventative measure on a Windows-based computer, you should regularly wipe the file slacks and free space on the hard drive in order to prevent malware like the Ravage virus (which are written to the "unused" portions of a hard drive) from sitting undetected until its launch criteria are met. Food for thought.
     

    okie556

    Well-Known
    Rating - 0%
    0   0   0
    Feb 12, 2009
    1,378
    21
    Longview, TX
    One thing you need to remember when removing any kind of malware on a Windows computer is to dump System Restore before beginning the removal process. If you don't do that the malware will reinstall itself and you're back to square one. Also, as a preventative measure on a Windows-based computer, you should regularly wipe the file slacks and free space on the hard drive in order to prevent malware like the Ravage virus (which are written to the "unused" portions of a hard drive) from sitting undetected until its launch criteria are met. Food for thought.

    When you say "wipe the file slacks and free space" is that the same as disk defrag??
     

    IXLR8

    TGT Addict
    Rating - 100%
    10   0   0
    May 19, 2009
    4,423
    96
    Republic of Texas
    If you think you have been infected, pull the power plug. Do not shut down or press the power button. Many of the most difficult parts to remove are installed on shutdown. When restarting, force a previous save point to start. I have been able to beat the Security tool by doing that.

    If you ever click on a website that pops up a box that forces you to click on it, DON'T, even if it is the close X. If you know how to do it, kill the process for the browser. If you don't know how, PULL THE PLUG.

    Almost all Windows viruses are enabled because of 2 factors: being logged in as an administrator, and using Internet Explorer. If you log in as a user without Administrator privilege, it is very difficult to infect your system.

    Until recently Adobe .pdf format files contained all sorts of hacks and exploits. You can avoid many by using the latest Chrome browser which "sandboxes" or isolates all internet sites to an area that cannot access the operating system calls.
     

    TrailDust

    TGT Addict
    Rating - 0%
    0   0   0
    Oct 29, 2009
    2,945
    21
    Kalifornication
    When you say "wipe the file slacks and free space" is that the same as disk defrag??

    No, those programs simply move data around your drive, and if data does not exist in a specific location or if data does not need to be moved, no data is written to that portion of the drive. Pretty much all "system maintenance" software bundles contain a data wiping feature, but if you don't have one of those suites there's a number of freeware programs out there that will wipe your free space and file slacks from a single-pass wipe to Gutmann-level 35-wipe pass. For this kind of malware preventative measure all you need for your setting is a single-pass wipe. Let me know if you need additional info, I'd be glad to help.

    Edit: For anyone running a Mac you have a wiping tool included in your Disk Utilities, which can be used for the same purpose.
     

    okie556

    Well-Known
    Rating - 0%
    0   0   0
    Feb 12, 2009
    1,378
    21
    Longview, TX
    If you think you have been infected, pull the power plug. Do not shut down or press the power button. Many of the most difficult parts to remove are installed on shutdown. When restarting, force a previous save point to start. I have been able to beat the Security tool by doing that.

    If you ever click on a website that pops up a box that forces you to click on it, DON'T, even if it is the close X. If you know how to do it, kill the process for the browser. If you don't know how, PULL THE PLUG.

    Almost all Windows viruses are enabled because of 2 factors: being logged in as an administrator, and using Internet Explorer. If you log in as a user without Administrator privilege, it is very difficult to infect your system.

    Until recently Adobe .pdf format files contained all sorts of hacks and exploits. You can avoid many by using the latest Chrome browser which "sandboxes" or isolates all internet sites to an area that cannot access the operating system calls.

    Thanks for info on pulling the plug! I was using Internet Explorer when Security Tool got me.....when I reset my laptop I switched over to Firefox. Don't know if it's any better.....so far so good.
     

    okie556

    Well-Known
    Rating - 0%
    0   0   0
    Feb 12, 2009
    1,378
    21
    Longview, TX
    No, those programs simply move data around your drive, and if data does not exist in a specific location or if data does not need to be moved, no data is written to that portion of the drive. Pretty much all "system maintenance" software bundles contain a data wiping feature, but if you don't have one of those suites there's a number of freeware programs out there that will wipe your free space and file slacks from a single-pass wipe to Gutmann-level 35-wipe pass. For this kind of malware preventative measure all you need for your setting is a single-pass wipe. Let me know if you need additional info, I'd be glad to help.

    Edit: For anyone running a Mac you have a wiping tool included in your Disk Utilities, which can be used for the same purpose.

    Thanks for the help offer TrailDust......if I need anything I'll PM you.
     

    TrailDust

    TGT Addict
    Rating - 0%
    0   0   0
    Oct 29, 2009
    2,945
    21
    Kalifornication
    Thanks for info on pulling the plug! I was using Internet Explorer when Security Tool got me.....when I reset my laptop I switched over to Firefox. Don't know if it's any better.....so far so good.

    You might try Opera as a browser for two reasons: Firefox has become buggy and more of a target for malware, and because less than 5% of internet users use Opera it's seldom targeted by malware authors. Food for thought.

    Thanks for the help offer TrailDust......if I need anything I'll PM you.

    No problem. PM me any time and I'll be glad to lend a hand.
     

    kingofwylietx

    Well-Known
    Rating - 0%
    0   0   0
    Feb 29, 2008
    1,424
    21
    DFW area.....Wylie.
    Funny enough, I had to remove this from a coworker's PC this morning. I restarted in safe mode, used RKill to stop the process, then ran MalwareBytes. Good for now. (I didn't mess with deleting the restore point, as he came to me immediately when it happened.) I might put Chrome on his PC, as this is the second time in a month that he's picked up something like this (the first one was different, this one was system tool).
     

    TrailDust

    TGT Addict
    Rating - 0%
    0   0   0
    Oct 29, 2009
    2,945
    21
    Kalifornication
    Deleting System Restore is the surest way to prevent accidental reinfection, but if you don't dump System Restore I'd certainly run two or more virus scans like Housecall, etc., to verify that nothing is resident in System Restore.
     

    okie556

    Well-Known
    Rating - 0%
    0   0   0
    Feb 12, 2009
    1,378
    21
    Longview, TX
    WOW! Damn thing screwed up again. Instead of shutting down last night I used Log Off feature. When I open up this AM have pop ups that read: C:\Windows\system32\AVGRSSTX.DLL is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media support or contact your systems administrator or the software vendor for support. I can close out about 30 of these pop ups as they come up and everything keeps working. Is the AVG Anti Virus I installed last week the problem?? Should I uninstall? Sick of this crap!!
     

    TrailDust

    TGT Addict
    Rating - 0%
    0   0   0
    Oct 29, 2009
    2,945
    21
    Kalifornication
    This may be a dumb question, but have you contacted AVG support yet? Sounds to me like the AVGRSSTX.DLL library file has been corrupted either by a virus, trojan, or other malware, or it could simply be a registry error. Given the infection you mentioned earlier I'd highly suspect a corruption due to the malware. Contact AVG and see what they say. Personally, I'd pull your computer completely off the internet, dump System Restore, uninstall AVG, run a registry cleaner like CCleaner, reinstall AVG, reconnect to the internet and update your antivirus files, run AVG, run multiple free online scanners, and with all that hopefully you're home free. If you still have problems you're in deep doo doo.
     

    okie556

    Well-Known
    Rating - 0%
    0   0   0
    Feb 12, 2009
    1,378
    21
    Longview, TX
    This may be a dumb question, but have you contacted AVG support yet? Sounds to me like the AVGRSSTX.DLL library file has been corrupted either by a virus, trojan, or other malware, or it could simply be a registry error. Given the infection you mentioned earlier I'd highly suspect a corruption due to the malware. Contact AVG and see what they say. Personally, I'd pull your computer completely off the internet, dump System Restore, uninstall AVG, run a registry cleaner like CCleaner, reinstall AVG, reconnect to the internet and update your antivirus files, run AVG, run multiple free online scanners, and with all that hopefully you're home free. If you still have problems you're in deep doo doo.

    Thanks.....I'll uninstall AVG and follow rest of your suggestions.
     

    okie556

    Well-Known
    Rating - 0%
    0   0   0
    Feb 12, 2009
    1,378
    21
    Longview, TX
    Sorry, meant to say UN-Install the AVG and do not re-install.
    NO AVG period.

    Un-Installed AVG (purchased for 39.99 didn't know you could get for free) and no difference at all. Guess I'll do a reset to original factory setting like I did to get rid of Security Tool. Or maybe I can go back to restore a few days before the AVG crap started.
     

    smschulz

    Paid for CUT
    Rating - 100%
    1   0   0
    Apr 13, 2008
    546
    11
    Houston, Texas
    Un-Installed AVG (purchased for 39.99 didn't know you could get for free) and no difference at all. Guess I'll do a reset to original factory setting like I did to get rid of Security Tool. Or maybe I can go back to restore a few days before the AVG crap started.
    Maybe use the UNINSTALL TOOL from AVG.
    Sometimes a normal uninstall does not remove everything.
    You can always find the file if it exists and delete it and then do a registry search for the reference and delete that ~ although I would use the cleaner tool I referenced above.
     

    ROGER4314

    Been Called "Flash" Since I Was A Kid!
    Rating - 100%
    1   0   0
    Jul 11, 2009
    10,444
    66
    East Houston
    Like some of the others, I've had nothing but problems with Norton and McAfee. In fact, once I re-upped Norton and it refused to renew the service. It took my money just fine.

    One of my former students got me onto "Malwarebytes" for a free download and AVG. I get it that you are trying to get rid of both but I've never had a pinch of trouble with either one of them. My experience has been positive with both programs.

    Flash
     