pesky virus problem

crazyman143

crazyman143

Fully Optimized
Messages
2,965
yo guys haven't been on here lately cause of this virus!
so here's how it went....
one night I'm on and I had turned off my firewall, and had only planned to leave it off for about 3 minutes. but sadly I forgot, and later norton popped up and told me it had deleted a file... I think it was C:/WINDOWS/.pif and I'm noticing that my internet connection is going crazy and the system is on idle
so just in case I restarted in safe mode, did virus scans, spyware scans, etc... nothing was found so i restarted again and connected the internet, and it seemed to be fine, so I assumed that norton deleted the file and all that was needed was the restart.

so everything was fine until like the next day, I had turned the firewall back on, etc. and then the connection starts sending and recieving for no reason again. so I restarted in safe mode, nothing found with norton AV, spysweeper, adaware, spybot s d.
and I noticed that adaware seems to go strangely fast... too fast.
anyway running out of ideas and I can't use my connection to get onto CF!!
thanks for the help!
:)
 
Is Norton definitions up to date? and are you shure that Norton deleted a file called .pif ?

To be shure open up norton anti-virus, and go to options...check the logs to see exactly what Norton deleted...

Then, Go to the regisrty in safe mode...and delete that File manually...

sart/run/msconfig...start up tab...see if that file is in there...if it is untic the box.

Now, start /run/ regedit....hit enter
now highlight the little comp. at the top...click edit

scroll down to find...leave the 3-boxxes checked
put in the name of the file: example virus.exe

hit find...delete everything it finds that has the name of the file...after delete..hit find next

keep doing this til it can't find no more...when that's done...go to the pre-fetch folder and delete
everything that's in there...
 
hehe yep that's why!
lol no I turned it off cause I was trying to see if something would work with it off that wasn't working.
anyway the definitons are up up to date, I have checked the registry and run in msconfig
 
that messenger addon I told you about... and the virus got it when I had the firewall off
 
ok everyone... I'm online right now I have apparently managed to shut it down temorarily. all of the virus's connections are using winnt.exe, but I'm pretty sure this is a system file. I have been talking to somebody else who I know that is a bit more expirienced than me.
anyway if winnt.exe is a system file than how is the virus using it? and what it the virus file?
 
You must log in or register to reply here.

Similar threads

R
gigabyte GA-H170M-D3H boot loop power issues , and no display
Replies
5
Views
1K
ripo66
R
P
Blue screen error again?
2
Replies
16
Views
2K
phantom555
P
R
Vpn apps keep breaking my internet
Replies
1
Views
871
Scissorman
S
P
ComboFix Replacement
Replies
5
Views
508
PC_Cone
P
cliffhucker
Win 10 very slow startup
2
Replies
13
Views
2K
tehnokraat
T
Back
Top Bottom