Got virus, anyone can help?

google

My laptop got virus infected, something like BankerFox.A, Win32/Nuqel.E, it keep displaying you security alert, and direct you to an anti-spyware web site, and ask you to pay and register.

My computer now is hijacked, most of the applications can not be ran, even takemgr.exe, regedit.exe, so I cannot do any cleanup, Microsoft Security Essential sucks, it just cannot find this virus after the full scan

Anyone have idea how to get ride of this?

always

Try free version of AVG.

google

Try free version of AVG.
always 发表于 2010-5-22 18:15

The problem is I cannot run it, my computer got hijacked

songjiang

试试这个行不行
h t t p://remove-malware.net/how-to-remove-win32nuqele-trojan/
通常我在google上找solution.

swimminginstock

here  is the instruction, it works for my PC.  good luck!

http://www.ehow.com/how_5913667_ ... enter-computer.html

GnGSystem

我也遇到过这样的问题。所有的.exe文件不能执行，所以Firefox也不能打开。

因为.exe被人在regedit里面修改了，所以.exe文件的owner被改动。

我的解决办法是这样的，

1）找到一个.docx文件，连击文件名可以打开这个.docx文件，因为.docx被认为是要用words来启动的。

2）在这个.docx文件里，写上 http://www.google.com, 然后Firefox也可以打开了。

3）Search解决方法，把register改回来，都不用重新启动，问题就解决了。

nwayyield

回复 1# google

You may want to try this:

1) download and installed this Anti-Malware:
    http:// download. bleepingcomputer .com/malwarebytes/mbam-setup.exe
2) start your computer in safe mode.
3) run the Anti-Malware to scan and remove the virus.

Hope this will help. I had the same virus being removed by this Anti-Malware.

Here's a link with detailed instruction:
http:// www. bleepingcomputer .com/virus-removal/remove-security-too

(I can't include any url. please copy & paste the url and remove the blank spaces)

google

回复  google

You may want to try this:

1) download and installed this Anti-Malware:
    http ...
nwayyield 发表于 2010-5-22 18:57

Thanks!
You can send me url through QQH

google

我也遇到过这样的问题。所有的.exe文件不能执行，所以Firefox也不能打开。

因为.exe被人在regedit里面修 ...
GnGSystem 发表于 2010-5-22 18:50

How you change back regedit?

google

here  is the instruction, it works for my PC.  good luck!
swimminginstock 发表于 2010-5-22 18:36

Thank you, I will try

AGA7d

杀毒能耗你几个小时还未必能搞定；最好是新装完机后，先不上网，装上常用软件，再做个硬盘镜像备份。出问题就用镜像恢复就成，一般不到十分钟。

一般中毒是SPYWARE，所以我只装MALWAREBYTE的免费版，碰到小问题很管用。大麻烦（十分钟没杀掉）我就回复镜像。

微软让APPLE壮大，80%-90%是因为SPYWARE问题，这么大的公司，7，8年就编不出个好的杀毒软件？够废物的。

flyingdust

Purchase PC Tools Spyware Doctor which works great for me to remove the same type of virus.  Plus it would give your prompt alert whenever affected by malicious trojans.

ypm968

Delete your antivirus and turn off your firewall program. Download following free softwares and update them to newest version.  Unplug your internet, then run these programs.

Avast Free Antivirus 5.0.545
http://download.cnet.com/Avast-F ... 9223.html?tag=mncol

Trend Micro HijackThis 2.0.2
http://download.cnet.com/Trend-M ... 7353.html?tag=mncol

IObit Security 360 1.41
http://download.cnet.com/IObit-S ... 7594.html?tag=mncol

CCleaner 2.31.1153
http://download.cnet.com/ccleaner/?tag=mncol

ZoneAlarm 9.1.007
http://download.cnet.com/ZoneAla ... 9884.html?tag=mncol

google

谢谢大家, 这是我遇到的最毒的一个病毒，几乎把整个电脑都绑架了
下面的帖子是我在网上找到的，很强大，是所有solution中最有效，最省事的，建议大家读一下，有备无患

http://www.bleepingcomputer.com/ ... move-antivirus-soft

几点建议：

1)下载rkill到你的桌面，文章里有链接，这个病毒发作的时候，所有 executable 文件，包括taskmgr, regedit 都被 disabled，要终止病毒的process，只有点击执行rkill (可能要点击执行好几次，病毒很顽强)

2) 下载火狐，病毒会把IE控制，你只能去病毒指定的唯一网站，但火狐似乎不受病
毒控制，病毒发作时，甚至Google的Chrome都打不开

3) 下载安装Malware Bytes，免费的，当然你也可以付费，安装它的实时病毒监控，不贵，$25

4)微软的Microsoft Security Essential烂透了，几乎就是摆设，千万不要依赖它