new virus has cosed me out of my user account and made a dummy one

Discussion in 'Computer Support' started by Ragz, Oct 24, 2006.

  1. Ragz

    Ragz Guest

    Hi ya. I had the win32.small.gen virus but i wasn't too worried at first cuz
    I had got rid of it before but its either mutated or there is another there
    and they have been a right pain.
    Backdoor.win32.sdbot.gen is on my pc and also
    microsoft.windowsSecurityCenter_disabled is another and I was amazed with
    the cleverness of these.
    first it replaced my main user which I named (Ragz) and has replaced it with
    another user account called (ragz.RAGZ).
    it disabled my mouse and also access to any software that could compromise
    it ie: spybot and adAware, when i did get to use Ad-Aware SE Professional it
    closed me out and made the new user account.
    I deleted this account ,removed it , and even renamed my Ragz account but it
    has made no difference ,it just makes another when i boot up.
    I have come across a few other cookies that keep appearing , Bank details
    being one of them but even though I have removed every thing it could
    possible be from sys32 folder it is still there.
    I feel the new account it has opened and gives me no option to use is
    possibly passing on any personal details I put into it.
    I have done all the basic thigs like scanning in safemode and I dont turn on
    my system restore , and I use Avast antivirus also.
    Anyone else had a simular experience?
     
    Ragz, Oct 24, 2006
    #1
    1. Advertisements

  2. Ragz

    richard Guest

    Never keep banking information on the computer. Specially in a manner that
    can be easily found and accessed.
    Wipe out all of your cookies and the entire cache. Reboot.
    Check the cookies and see what pops up.

    If nothing you have can wipe it out, then you may have to do a complete
    reinstall of the OS.
    As there is a ton of crap in the registry which is probably encrypted you'll
    never find them all.
    yeah it's a pain. But well worth it.
     
    richard, Oct 24, 2006
    #2
    1. Advertisements

  3. God, you and OS reinstalls, why don't you recommend a registry cleaner
    instead for a change.
     
    =?ISO-8859-1?Q?Brian_H=B9=A9?=, Oct 24, 2006
    #3
  4. Ragz

    richard Guest

    Because the registry cleaner may not get the most important part of the
    virus.
    rewriting the OS does nothing for cleaning out the registry.
    Only a complete fresh reinstall does that.
     
    richard, Oct 24, 2006
    #4
  5. Ragz

    John Holmes Guest

    richard "contributed" in 24hoursupport.helpdesk:
    A rejection letter from MENSA wouldn't be too much of a surprise for you
    now, would it?
     
    John Holmes, Oct 24, 2006
    #5
  6. John Holmes grumbled surlily in 24hoursupport.helpdesk:

    snip>>
    He wouldn't be able to read it unless it had pictures.
     
    The Old Sourdough, Oct 25, 2006
    #6
  7. Ragz

    Top Guest

    And being written in crayon would be a plus for him. I bet he he uses
    white on his monitor for corrections.

    Top
     
    Top, Oct 26, 2006
    #7
  8. Ragz

    Ragz Guest

    Thx for some of the responses, but I see this place has changed alot since I
    used it.......people seem more consumed in piss taking other peoples
    responses rather than coming up with one them selves.
    Here's a good idea! if you know jack about the Request don't respond , my
    kids could join in the conversation of slagging people trying to help and
    they also know jack about pcs.
    Thankyou for the serious responses whether they helped or not
    ..................disappointedly Ragz
     
    Ragz, Oct 27, 2006
    #8
  9. Ragz

    Pennywise Guest

    If the account resets itself on boot up, it's being run at startup -
    you need to find what's responsible (duh)

    Autoruns can show you what it is
    http://www.sysinternals.com/Utilities/Autoruns.html
    Google the entries you don't know. - if no google results for a
    command, generally it's bad.

    Double clicking on an entry takes you to it.

    Companion to autoruns is Process Explorer
    http://www.sysinternals.com/Utilities/ProcessExplorer.html

    Lot's more very useful utilities to help you along
    http://www.sysinternals.com/
     
    Pennywise, Oct 27, 2006
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.