It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Help with virus removal pls.
page: 12
share:
On my pc I am infected with the Trojan Horse downloader generic12.bsu virus.
I found a website to manually remove it, but I don't see it in the task manager.
I'm on my mac right now, but the pc is in the other room and I can easily get to it.
I also did a scan ( another site telling me how to remove this virus) and it found a
CRAZY number of errors, then it wanted me to buy and register to fix them.
Here's the site I found to manually remove it.
virusremovalhelps.com...
Can someone help me out, please?
I can remove it if I know what to look for in the task manager.
AVG will not remove it, and I could not even do a system restore.
I found a website to manually remove it, but I don't see it in the task manager.
I'm on my mac right now, but the pc is in the other room and I can easily get to it.
I also did a scan ( another site telling me how to remove this virus) and it found a
CRAZY number of errors, then it wanted me to buy and register to fix them.
Here's the site I found to manually remove it.
virusremovalhelps.com...
Can someone help me out, please?
I can remove it if I know what to look for in the task manager.
AVG will not remove it, and I could not even do a system restore.
edit on 19-11-2012 by virraszto because: (no reason given)
Try going to Trend Micro Housecall Online Scanner and downloading the installer.
It will then install updates from their website and ask you to agree to terms etc, then run a scan. we used to use this at work years ago, it's changed a lot but same idea. It used to run from inside IE, it might still, if you use IE.
It hopefully should find and get rid of it, I've not heard of it before tho..
It will then install updates from their website and ask you to agree to terms etc, then run a scan. we used to use this at work years ago, it's changed a lot but same idea. It used to run from inside IE, it might still, if you use IE.
It hopefully should find and get rid of it, I've not heard of it before tho..
Try Malwarebytes and SUPERAnti-Spyware. Both are free and worth a shot.
PS - Needless to say, but both programs are very effective at finding and getting rid of problems. They get good reviews and are recommended by many.
PS - Needless to say, but both programs are very effective at finding and getting rid of problems. They get good reviews and are recommended by many.
edit on 2012.11.19 by TravisBickle451 because: PS
reply to post by virraszto
make a note of the file paths listed in the scan.
Start your PC in SAFE MODE. You can look up how to do this online.
Once your computer is in SAFE MODE, click on the Windows START button (usually in the lower Left corner), click on RUN, and then type:
msconfig
Hit Enter and this will bring up the System Configuration Utility.
Go to the Start Tab and uncheck all the listings for programs starting up on computer start that you don't want, especially those that follow the path of the infection noted in your scan.
After all the unchecking is done, apply and close the System Configuration Utility, but don't restart.
Next, go to Start, then Run, and then type:
Regedit
Hit enter and this will bring up the Registry Editor.
You'll have to expand and scroll down through the tree to
HKEY LOCAL MACHINE -> SOFTWARE -> Microsoft -> Windows -> Current Version -> RUN
Once you click on the RUN folder you'll see some of the similar listings you've unchecked in MSCONFIG listed off to the right hand side of the editor.
Highlight and delete the listings describing paths listed in your virus scan.
Do so for stuff you don't want to start automatically on system start.
Close Registry editor when done.
Next, follow the file paths described in your virus scan, and manually delete the offending infected files.
Empty your trash bin.
Run a full system scan with the latest virus definition updates while you are in SAFE MODE.
When done, you should be clean.
All this takes quite a bit of time, but, if you want to be clean, it will indeed take time.
Nothing worth having should be expected to be easy.
Restart your computer and be happy.
Keep your virus definitions up to date, and stay away from websites that could get you dirty.
If you can't avoid the urge to go to suspect websites, or downloading suspect material, then, boot to an OS on CD like Knoppix Linux, or just use your Mac.
make a note of the file paths listed in the scan.
Start your PC in SAFE MODE. You can look up how to do this online.
Once your computer is in SAFE MODE, click on the Windows START button (usually in the lower Left corner), click on RUN, and then type:
msconfig
Hit Enter and this will bring up the System Configuration Utility.
Go to the Start Tab and uncheck all the listings for programs starting up on computer start that you don't want, especially those that follow the path of the infection noted in your scan.
After all the unchecking is done, apply and close the System Configuration Utility, but don't restart.
Next, go to Start, then Run, and then type:
Regedit
Hit enter and this will bring up the Registry Editor.
You'll have to expand and scroll down through the tree to
HKEY LOCAL MACHINE -> SOFTWARE -> Microsoft -> Windows -> Current Version -> RUN
Once you click on the RUN folder you'll see some of the similar listings you've unchecked in MSCONFIG listed off to the right hand side of the editor.
Highlight and delete the listings describing paths listed in your virus scan.
Do so for stuff you don't want to start automatically on system start.
Close Registry editor when done.
Next, follow the file paths described in your virus scan, and manually delete the offending infected files.
Empty your trash bin.
Run a full system scan with the latest virus definition updates while you are in SAFE MODE.
When done, you should be clean.
All this takes quite a bit of time, but, if you want to be clean, it will indeed take time.
Nothing worth having should be expected to be easy.
Restart your computer and be happy.
Keep your virus definitions up to date, and stay away from websites that could get you dirty.
If you can't avoid the urge to go to suspect websites, or downloading suspect material, then, boot to an OS on CD like Knoppix Linux, or just use your Mac.
edit on 19-11-2012 by Druscilla because: (no reason given)
Never mind. Follow Druscilla....
edit on 11/19/2012 by Ex_CT2 because: (no reason given)
reply to post by Druscilla
Thanks for the reply and info, but I don't see anything in my task manager that I can identify as the virus.
This virus creates filenames that are very similar to system files.
On avg, I see the path
C:/System Volume Information
and
C:/Program Files/Youtube to Mp3converter
I delete the second one yesterday and tried to do system restore, but I don't see the first one, or know where to find it. I don't see
C:/system anywhere.
Thanks for the reply and info, but I don't see anything in my task manager that I can identify as the virus.
This virus creates filenames that are very similar to system files.
On avg, I see the path
C:/System Volume Information
and
C:/Program Files/Youtube to Mp3converter
I delete the second one yesterday and tried to do system restore, but I don't see the first one, or know where to find it. I don't see
C:/system anywhere.
I use Kaspersky... no problem with such things, as of yet... anyway you can try this
KASPERSKY
used by geek-squad...
review the product information... the program is free, and it lists what you should do before and after running the tool.
KASPERSKY
used by geek-squad...
review the product information... the program is free, and it lists what you should do before and after running the tool.
edit on 11/19/2012 by
Shdak because: Review product info...
edit on 11/19/2012 by Shdak because: (no reason given)
reply to post by virraszto
Disregard AVG. Turn it off.
"System Volume Information" is a hidden folder where your restore files are kept. They're disabled by the virus; the virus also hides pieces of itself in there. That's why AVG is alerting on it. Those will be removed with a good antivirus. Malwarebytes, as mentioned above, is good.
Try to follow Druscilla. If you don't understand an instruction, be specific....
Disregard AVG. Turn it off.
"System Volume Information" is a hidden folder where your restore files are kept. They're disabled by the virus; the virus also hides pieces of itself in there. That's why AVG is alerting on it. Those will be removed with a good antivirus. Malwarebytes, as mentioned above, is good.
Try to follow Druscilla. If you don't understand an instruction, be specific....
edit on 11/20/2012 by Ex_CT2 because: (no reason given)
It might be worth doing a reformat of the computer if the advice given from other members does not work. It's sort of a last resort, but it's an
effective one. A successful format will remove all system/personal files and require a clean install of an operating system. Just ensure you have
backed up all your important non-infected files (like music, movies, photos, documents etc.) before you do this though.
To do this you will need a genuine non-corrupted operating system disc (including any relevant serial keys), a working external hard drive, an internet connection and a few spare hours.
To do this you will need a genuine non-corrupted operating system disc (including any relevant serial keys), a working external hard drive, an internet connection and a few spare hours.
You shouldn't mess with the "registry" in regedit, unless you really know what you're doing.
You CAN damage your PC.
I trust Malwarebytes and Superantispyware as someone else suggested.
Good Luck.
You CAN damage your PC.
I trust Malwarebytes and Superantispyware as someone else suggested.
Good Luck.
reply to post by Shdak
I like KASPERSKY so far. I have tried the above listed so far but KASPERSKY has been very effective.
I like KASPERSKY so far. I have tried the above listed so far but KASPERSKY has been very effective.
Run MRT on you default windows. Type "mrt" on the search and run the program. Full Scan.
Download Malwarebyte or other similar programs. Run Full Scan.
Run you Anti-Virus. Full Scan.
Always best to run multiple Scan.
Do it overnight cause Full Scan takes hours.
Download Malwarebyte or other similar programs. Run Full Scan.
Run you Anti-Virus. Full Scan.
Always best to run multiple Scan.
Do it overnight cause Full Scan takes hours.
To the OP : If you really do have generic12.bsu then there are guides that give detailed instructions on how to get rid of it.
Heres one from a site that i trust.
Remov e Trojan Horse Downloader Generic12.BSU (Removal Guide), How To Remove Trojan Horse Downloader Generic12.BSU
I might be better than just randomly trying each virus killer because someone said they like it (especially if they dont know if its even any good at getting rid of the specific infection)
Heres one from a site that i trust.
Remov e Trojan Horse Downloader Generic12.BSU (Removal Guide), How To Remove Trojan Horse Downloader Generic12.BSU
I might be better than just randomly trying each virus killer because someone said they like it (especially if they dont know if its even any good at getting rid of the specific infection)
edit on 20-11-2012 by PhoenixOD because: (no reason given)
From your first screenshot, it looks like one of your system restore points are infected, so if you are doing system restores you are reinfecting
yourself.
I suggest you reboot into safemode then run anti-malwarebytes. When malewarebytes says your clean, remove all your restore points and then create a fresh one.
I suggest you reboot into safemode then run anti-malwarebytes. When malewarebytes says your clean, remove all your restore points and then create a fresh one.
edit on 21/11/12 by Kr0nZ because: (no reason given)
new topics
-
Any one suspicious of fever promotions events, card only.
The Gray Area: 13 minutes ago -
God's Righteousness is Greater than Our Wrath
Religion, Faith, And Theology: 4 hours ago -
Electrical tricks for saving money
Education and Media: 7 hours ago -
VP's Secret Service agent brawls with other agents at Andrews
Mainstream News: 9 hours ago -
Sunak spinning the sickness figures
Other Current Events: 9 hours ago -
Nearly 70% Of Americans Want Talks To End War In Ukraine
Political Issues: 10 hours ago -
Late Night with the Devil - a really good unusual modern horror film.
Movies: 11 hours ago
top topics
-
VP's Secret Service agent brawls with other agents at Andrews
Mainstream News: 9 hours ago, 9 flags -
Cats Used as Live Bait to Train Ferocious Pitbulls in Illegal NYC Dogfighting
Social Issues and Civil Unrest: 13 hours ago, 8 flags -
Electrical tricks for saving money
Education and Media: 7 hours ago, 4 flags -
HORRIBLE !! Russian Soldier Drinking Own Urine To Survive In Battle
World War Three: 17 hours ago, 3 flags -
Sunak spinning the sickness figures
Other Current Events: 9 hours ago, 3 flags -
Nearly 70% Of Americans Want Talks To End War In Ukraine
Political Issues: 10 hours ago, 3 flags -
Late Night with the Devil - a really good unusual modern horror film.
Movies: 11 hours ago, 2 flags -
The Good News According to Jesus - Episode 1
Religion, Faith, And Theology: 15 hours ago, 1 flags -
Any one suspicious of fever promotions events, card only.
The Gray Area: 13 minutes ago, 1 flags -
God's Righteousness is Greater than Our Wrath
Religion, Faith, And Theology: 4 hours ago, 0 flags
active topics
-
SETI chief says US has no evidence for alien technology. 'And we never have'
Aliens and UFOs • 50 • : andy06shake -
Any one suspicious of fever promotions events, card only.
The Gray Area • 0 • : Cavemannick -
God's Righteousness is Greater than Our Wrath
Religion, Faith, And Theology • 1 • : andy06shake -
Sunak spinning the sickness figures
Other Current Events • 7 • : xWorldxGonexMadx -
HORRIBLE !! Russian Soldier Drinking Own Urine To Survive In Battle
World War Three • 33 • : Degradation33 -
How ageing is" immune deficiency"
Medical Issues & Conspiracies • 34 • : angelchemuel -
Nearly 70% Of Americans Want Talks To End War In Ukraine
Political Issues • 13 • : Freeborn -
Mood Music Part VI
Music • 3101 • : ThatSmellsStrange -
VP's Secret Service agent brawls with other agents at Andrews
Mainstream News • 41 • : ThatSmellsStrange -
New whistleblower Jason Sands speaks on Twitter Spaces last night.
Aliens and UFOs • 55 • : baablacksheep1
2