implague Posted August 29, 2009 Share Posted August 29, 2009 hi there, this is my first post i guess ion this forum iam facin a problem in my pc there is a virus "win32sillyfdc"i donno how to remove it moderators plz help me n let come to know how to remove it or deletthere r some posts on the net related to this worm on symantec n mcafee but followin those steps it keeps comin back again so plz i need a quick help Link to comment Share on other sites More sharing options...
Atasas Posted August 29, 2009 Share Posted August 29, 2009 what tools did you use? (just sauin as there is load of malware that isnt malware to harm, just a stuborn redirectory to by some crap)I recomentd http://www.nsanedown.com/?request=16106013and let us know after Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted August 29, 2009 Administrator Share Posted August 29, 2009 Use MBAM by the link given about by Atasas. Scan you PC by it.Then use Microsoft Malicious Sofware Removal Tool. Scan your PC by it. Download it from here - http://www.microsoft.com/downloads/details...;displaylang=enMicrosoft tool has always helped me remove all type of worms on my PC. Once my PC was infected by a stealer, no AV or MBAM detected it. Microsoft tool detected and removed it completely. :yes: Link to comment Share on other sites More sharing options...
BBs Posted August 29, 2009 Share Posted August 29, 2009 Yes, try Malwarebytes Anti-Malware, make a full scan!!if you cant start MBAM then write back, it's a rootkit then! There is an application called Root-Reapel, it can delete the rootkit!(if it is one)And also Try SuperAntiSpyware to scan! Link to comment Share on other sites More sharing options...
LeetPirate Posted August 29, 2009 Share Posted August 29, 2009 Check this page for all the anti-malware apps.I think you should try using Dr Web Cure it, and Kaspersky Virus Removal Tool. Download them and then disconnect from the internet before using them to ensure the virus does not return. Once you clean your system you can also try using Malware Bytes and Trojan Remover to scan to make sure it is gone. Then install a good antivirus or internet security tool.My personal recommendations for antivirus would be NOD32 AV and if you need a firewall as well then Online Armour Free or Comodo works great. To get Comodo firewall you have to install Comodo Internet Security Suite from the anti-malware apps page and only select the firewall option during setup.Hope this helps. Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted August 29, 2009 Administrator Share Posted August 29, 2009 I would also recommend turnin off system restore before start scanin. Just in case. Link to comment Share on other sites More sharing options...
HX1 Posted August 29, 2009 Share Posted August 29, 2009 Well the first thing is going to be to find the responsible files for the worm.. Once this is done you need to shred them with a minimal 5 Pass DoD Certified Program.. 'Eraser' is a good one. Next without restarting, download SpyBot Search and Destroy. This program will scan you registry for the entries that are and may be be made by any infiltration and will actively remove them, if infact the program says that various entries cannot be removed, then you should right click open the location ..or manually open regedit.exe.. go to that location and delete the entries. You should check your startup for any unrecognizable .DLL files that are scheduled to start. Make sure you update before you scan and that you kill your temporary files before you check for problems..Check your BHO's and your ActiveX...and make sure you add the Hosts File from SpyBotIf in fact you cannot remove these entries or unlock the files for any such reason, you need to boot from a CD such as BartPE, use Total Commander to navigate to the directory and delete the file(s) responsible.. How to identify the files. In C:\WINDOWS\.. there maybe either .DLL files, or exe's( best when viewed by Detail > Last Modified and Last Created .. they will be at the top of the list and after last modified or created files most likely ) You should be able to identify most necessary files by the digital signature which will pop up when hovered. No digital signature and no connection to any programs that you can connect shred it, only if YOU ARE POSITIVE IT WAS NOT THERE BEFORE..nor required by your system. If it effects any other program it can be re-installed.. but a small price to pay to have it cleaned properly. Next you need to look for any accompanying INI files...or INF...Usually these files will have the same name but have the INI, INF extension.You must do this for the C:\WINDOWS\System32 folder as well....Why do this, well the point comes when your AV will constantly remove the infection.. meaning it keeps coming back. Yes 'Night of the Walking Dead Malware'.. Registry entries, and INI, INF files can repeatedly come back over and over resurrected from your hard drive. Also it will never be completely eradicated unless it is removed from your pagefile and your recycle bin.. Taking these actions will allow this process to proceed.After this if you want to be sure about it, scan with Spybot S&D, scan with a GOOD AV, and Microsoft Malicious Software Removal Tool, found in your C:\WINDOWS\System32 folder as MRT.exe, just in case you can't find it. I usually disconnect from any network when I find I have been infected or something is wrong immediately...and be sure to shred whatever caused it..It is usually a very simple step..You also may want to check your running processes to check for anything that is unidentifiable...Search for the file, and either shred the Directory.. or the file...After your done use a normal registry cleaner and defragger.. You should be good as new after a couple of reboots..if you notice any odd behavior do it again, until you get it all.. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.