My computer has the STAR SECURITY TOOL virus. It wont let me open AdAware or Spybot Search and Destroy. It wont let me restart in safe-mode. It wont let me download anything. I went to the store and bought the AdAware PLUS... and the fucking virus won't even let me run the cd. I have Comcast and can download McAfee for free.. but the virus wont let me. It wont even allow me to do a System Restore.

Any ideas?

you tried running hijack this?

I have it, and have tried. Like the other programs, itll open (sometimes, and run... then disappear. POOF, gone. Then when I click on the icon for it to restart ot O get blocked out of it with a prompt that says "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access this file."

It says that for AdAware and Spybot now too. Even after a restart, I'mblocked out unless i re-install them.

Wierd thing is, everytime I restart my computer Windows used ot just open normally. Now, theres a log in prompt (as if I have to pick a user) with my name on it.. I click OK (no password) and windows opens.

Time to install new windows and go from there.

Time to install new windows and go from there.


if you want it easy yeah.



if you have access to another desktop. make sure that the other desktop has a good updated antivirus, take out the harddrive from the infected desktop and put it in the good one. boot up and scan the entire hdd with your antivirus and/or antispyware malware software.


thats what i would do... in the event that the infected computer is just that bad

Unfortunately I do not have access to another computer. :(

bootup, press f8 repeatedly and try to go into safe mode. if it goes through, login... go to start, run. type "msconfig" and go to the startup tab. and disable everything. click ok and do NOT restart yet. run your antivirus in safemode then restart..


see what that does

Everytime I try to enter Safe mode I get the blue screen 'o death.

:(

try this.

http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/



i have yet to try it, but i guess you can be my guinea pig!

disable your system restore because virus have a tendency to go back and hide. whats the error when you go into safe mode? Also try downloading SD Fix and Smitfraud, but these need to be ran in safe mode. Purp is right, you need to find access to a second computer. If you don't want to reformat you might just need to go to a computer shop. looking about 70 to 90 dollars is the going rate anymore

reformat the hard drive and reinstall windows and you will be good to go. It's very easy and takes only 1-3 hours...stick in the windows cd and the rest is easy

What he said but take it 1 step further to min down time. Ghost image. Had PC issues and on many occasion could not figure out what was wrong with my PC. Not a problem pop in my latest and greatest image and i'm up and running in 20 - 30 min flat. Literally all of my software and settings in windows is good to go. B/C my data is archived off the pc, i never worry about losing precious data. Ghost and go, done. Problem solved. Worked for me for a very long time......

Look into Norton Ghost, Arcronis True Image, DT Utilities PC Backup...etc.





reformat the hard drive and reinstall windows and you will be good to go. It's very easy and takes only 1-3 hours...stick in the windows cd and the rest is easy

I JUST REMOVED THIS LAST WEEK!
So I hope I can help you.
Safe Mode does not work. For me, the computer just rebooted every time I tried.
You cannot run anything. You can't install antivirus. I couldn't open task manager. Hell, I couldn't use 'Run' to open notepad.

Heres how to beat it.
Download PSTOOLS from microsoft, or the sysinternals suite.
I don't remember how I got it to install, but I did. It did put up a fight.
I think you can just place the files in c:\windows\system32 if you can unzip them.

Restart your computer, log in.
As soon as you can, open CMD
(shortcut: WindowsKey+R, CMD)
I was able to get into CMD before the program loaded and stopped me.
Run pslist to list processes.
use pskill to kill the process by process ID.
you are looking for a process named by random numbers (##########)
the process ID itself was only 4 numbers.
pskill ####

this killed the process and i was then able to install and run antivirus software.
i used malwarebytes.
superantispyware is also good.
hope this helps.

The virus itself was in
c:\documents and settings\%username%\application data\############
^ I think, might have been all users account.
I just deleted it.
Also, its in MSCONFIG 'startup' so get it there to.

http://www.eset.com/onlinescan/

this should do the trick.