Help! Computer virus is upon me!

[Jim]

Help! I've got some kind of virus on my computer. It's about as
friendly as the term "virus" suggests. Anti-virus software of any kind
doesn't pick it up - neither anti-spyware nor anti-virus. It overdials
a premium rate connection over the ordinary broadband one we're signed
up to, and is called "KETMEGXXX". That is what shows up in the profile
string of what the computer's dialled up to. I am at a loss how to get
rid of it. I don't know where it is held, and I don't know what it is
called. Previous attempts to get rid of it have proved futile. A search
for the word "ketmeg" throughout the computer's file names and contents
brings up nothing at all. System Restore hasn't helped, nor has
deleting cookies, temporary internet files etc., and I don't know how
to do that thing where you take the documents off your computer, delete
everything else and rebuild from disks (besides, it's my mother's
computer, and she just paid out to have it wiped a week ago!!!) I think
it must have come in off the internet, but meanwhile it's costing me
[my mother, actually] money for another internet connection I neither
want nor need!! Heck, at the moment it's even put my mother's internet
connection out of service, so I have had to send this from another
computer. Any suggestions? Much appreciated.


Jim.

 

[Bill]

Help! I've got some kind of virus on my computer.

No, you don't. It's user stupidity.

 

[Sanjaya]

Help! I've got some kind of virus on my computer. It's about as
friendly as the term "virus" suggests. Anti-virus software of any kind
doesn't pick it up - neither anti-spyware nor anti-virus. It overdials
a premium rate connection

[snip]

See if the a2 (A-squared) free scanner can find it.
http://www.emsisoft.com/en/software/free/

 

[Befunge Sudoku]

computer, and she just paid out to have it wiped a week ago!!!)

Take it back and tell them they ****ed up and they better fix it

 

[James Egan]

Help! I've got some kind of virus on my computer. It's about as
friendly as the term "virus" suggests. Anti-virus software of any kind
doesn't pick it up - neither anti-spyware nor anti-virus. It overdials
a premium rate connection over the ordinary broadband one we're signed
up to, and is called "KETMEGXXX". That is what shows up in the profile
string of what the computer's dialled up to. I am at a loss how to get
rid of it. I don't know where it is held, and I don't know what it is
called. Previous attempts to get rid of it have proved futile.

There is no point in trying to delete any files or registry entries
until you kill off all offending running processes since these are
likely to write back anything you delete before you can say Jack
Robinson.

Download autoruns and process explorer from sysinternals
http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml

Run process explorer first to close down any offending running
processes. You may find that as soon as you close a process down, it
starts up again immediately as a child of some other process. If that
happens, use the kill process tree option to zap linked processes at
the same time.

When you are satisfied there is nothing running that you don't want,
run autoruns which monitors automatic startups and uncheck anything
which shouldn't be starting up automatically.

Miss anything out and you're back to square one next time you reboot.



Jim.

 

[James Egan]

up to, and is called "KETMEGXXX". That is what shows up in the profile
string of what the computer's dialled up to. I am at a loss how to get
rid of it.

Complain about the premium rate number here.

http://www.icstis.org/consumers/how_to_complain/default.asp



Jim.

 

[Jim]

Thanks everyone, very grateful. Lots of good ideas, I'll try them all
now...



Jim.

 

[Peter Seiler]

Jim - 06.06.2006 17:06 :

Thanks everyone, very grateful. Lots of good ideas, I'll try them all
now...

and please report but this time *WITHOUT* fullquoting again. THX.