Virus/spyware wont come off

I need help bad. About a week ago i got a virus from msn because i opened a virus or somthing. Somthing told me then that i have threats and stuff. I have done a scan with avg free anti virus, windows defender, ad aware, spybot search and destry, and i have used ccleaner. My avg says virus found hosts.
Under file it says hosts under result/infection it says virus found hosts and then under path it says c:/windows/system32/drivers/etc/hosts. This virus messed up my msn so i deleted msn 7.5. I had a bit of problem deleting msn messenger so i had to do it in safe mode cuz it ssays somthing is using it. I also deleted a host in the c:/windows/system32/drivers/etc/hosts that said somthing about msn. But the problem is still here. Some times it says change under file and it says its not a threat but then when i restart it comes back again even when not conected to internet. Also pop ups of my avg come up saying threat detected trojenbackdoor and some other stuff that changes cuz it also comes up again. For spybot the problems say microsoft.windowssecuritycenter_disabled 1 entries and the other problem says microsoft.window.redirectedhosts 36 entries. These come back every time i resart. And in ad aware i get a critacal object. Name says windows type says refdata object says hkey_classes_root... Also underdecrition it says general windows security isue. Your system security may be compromised. The specifics of the possible compromised item are listed in the coments section. These all come back again. I think i might have to get my laptop reformated. Also when i click on my firewall this message comes up "Windows firewall settings cannot be displayed because the associated service is not running. Do you want to start windows firewall/internet connection service?

 

verify ur services and start.up processes to see if anything that is NOT belonging to ur system - zap it with either cCleaner or do a search inside ur registry for the culprit name and delete the entry

cheers ...

 

A simple thing might be to use system restore to go back to a time before the infestation hit.

 

How dp i do this?

Also to the other other guy i don,t think that i had system restore on, because i tried that and it didn,t work.

Also sometimes it changes my homepage. And if i do a spybot scan first it doesnt show on avg.

 

deleting a virus manually does not always help, or removing software, first install msn again, and then get yourself an online scan at norton antivirus (search google), where you can get your computer scanned, then you should go and buy an antivirus norton, and scan and delete, i had the same problem, but sometimes you just have to format pc hehe but it doesnt mean that you shouldnt try one more time, so, do as above, and if not, burn your importnant stuff on disk, and then you can format pc, cause too bad if you lose everything. And if it changes homepg, then format, cause then you are sure of to get rid of virus, especially if you remove the old one, not upgrade!!

hope it works m8

 

It would be helpful if you could provide more info. And, not being mean, but check your spelling. When it comes to viruses/malware, they often contain typos. It's easier to help diagnose the problem if your can provide specifics. For example, "svchost" is completely different from "svcHost" or "SvcHost" or "svchosts".

It's not clear which of the malware programs you ran gave which responses. For example, "microsoft.windowssecuritycenter_disabled" is not a sign of a virus. It simply is Spybot letting you know that you are not using Windows Security/Firewall. Nothing wrong with that, unless you are using Windows security.

If you could post the log of the Spybot results, that would help.

The MyDoomB virus can infect your host file (but usually not an MSN issue). US-CERT has steps for verifying if your host file is infected and steps on how to fix it.

I know this kind of thing can be unnerving, but it's often (but not always) fixable. May take several things, but it can often be done.

 

IF your computer runs fine, I would turn off your system restore. The virus could reside in there so no matter if you delete it, it will come back. First disable system restore on the drive that the virus is occuring on. Then boot into safe mode and run your antivirus and spyware program. Delete it all, then restart back into the normal setup. Turn back on system restore.

Do some research for alternatives first. Doing it this way isn't too safe unless you know your computer since you are disabling system restore. You can still try the rest I've mentioned if it helps.

 

I am positive i the doom virus, http://www.pchell.com/virus/mydoomb.shtml
I cannot access most antivirus websites. Also i get popups saying i have a trojen backdoor.

 

If you believe you have the MyDoomB virus, follow the steps in the US-CERT link. Near the end (after the steps on verifying if you have it) it gives info on how to remove it. After following those steps, reboot into safe mode and re-run your antivirus and anti-malware apps to remove the other things.

If that doesn't work, please post back for additional steps.

 

After it says to update ur anti virus? I havent really have any problems updating.
Also avg comes up with this alot

Trojan horse Downloader.Generic3.NPE

C:\program files\Common files\{D8A70765-0724-1033-0929-060315060001}\Update.exe

When ever this comes up a install icon comes up on my desktop and if i click it the trojen comes up. So i delete it but this happens all the time.

 

Also i don't think the virus is letting me get into reg edit.exe because when i go into it it just cloeses within 2 seconds.

Also when im in the comand prompt and i type del %windir%\system32\drivers\etc\hosts it says it cannot find it?

 

Do any of these processes look bad?


Sorry if its a little small

this may help to


Notice when this comes up that install icon comes up to

Also i think that the process wmiprvse.exe comes up after the trojen comes up. Because before i didnt see it in the processes.

 

I don't know if anyone's suggested this, but why not just backup your important documents and reinstall your operating system? The whole process will take no more than a fraction the amount of time you've already invested trying to clear out this virus. Also, it'll speed up your Windows too

 

you will probably end up doing the whole boot into safemode, use killbox and hijackthis! to get rid of the things you have problems with. search on google for exact instructions. reinstalling windows would be much easier. trust me. it took me a good 30 hours to remove viruses off my fiancee's computer.

 

Ya about that i can just use dells pc system restore to go back to they way it was to the day i got it? That is same as reainsatling ? How can i save my wireless network? Ty for helping out i have never had a problem like this.

 

Lol once again raising the bar for the meaning of true love ejl.

To OP: yes, do that ASAP. Don't worry about your wireless network, you can easily set it up again once your comp is up and running. If not, then post a "wireless network help!!!1!1!" thread here.

 

K well i got to get some files i want to keep. Can i use sonic to burn saved game files to a cd?

 

Well, yes. If AVG detected a virus (your second image), you should select "move to vault".

You can try running Hijack This.

Save the log and cut/paste it and post it. Hijack This can get rid of things that AV programs can't. Not always.

If you try to do a clean install, be sure to update your AV program afterward and check all of the files you backed up before putting them back on the system.

 

Ya i think im just going to do the dell restore to the way it came from factory. Only files im going to back up are some saved game files.