Out of the blue, my pc got molested by a notorious virus.
It came, it saw, it conquered my pc.
What did it do?
Just one clever thing; prevent any program from running.
By doing this, it shuts down my anti-virus and i can't restart it. It also prevents me from manually stopping it with Ctrl-Alt-Delete. In other words, there's nothing we can do to touch it. It's quite invincible.
Any prog i want to run, a message appears saying it's infected.
My windows keeps telling me that i should turn on my anti-virus, but not using the antivirus i already have.. An unknown antivirus prog is now acting as if it's my regular antivirus, but of course after it detects all the viruses in my pc, it recommends me to buy the real thing. This keeps occurring and there's nothing i can do.
My internet was going wild, advertising some websites, repeatedly..
i will put here the method that i used to solve this problem.
i chose to write this one down in my blog because my friend recommended me to reformat my pc. So i thought, what if somebody else was in my shoes and took his friend's advice?
I figured this entry could help somebody out there..
Reformat is a big word; most people tend to avoid having to go through all the hard work of reformatting..
Here's what i did:
- First of all pull out your internet cable or turn off your wifi signal. Let those stupid fools lose you...
- Go to safe mode (if u don't know how to do this, just unplug ur pc while it's still running and restart, it will give u the option to go to safe mode)
- Run your antivirus scan. Meanwhile, follow these steps below:
- Type msconfig in your start menu and press Enter (or use Run on Windows XP).
- Go to 'startup' tab.
- Search for any weird program registered in the list. What do i mean by weird? Names u never heard of, that u can't recall ever installing; usually the manufacturer is stated as unknown (on windows 7). For example, mine had 'YXE7DXCQ37' for its name. U can also look at the command column to judge whether it is a useful program.. A virus from the internet will usually reside in 'Appdata\Local\Temp' (visible in its command).
- Uncheck it. (u can also use this method to throw away any unnecessary program lagging your pc when u start up)
- Click apply.
- Note down the address in its command. Our target is to go to the place where the virus is residing and delete all of its programs manually.
- Go to the folder mentioned in the address and, while viewing in details, delete any executable file created the day u got that horrific virus. It makes u wonder where these programs came from when on that day, u didn't install anything.. Delete those losers! (Shift-delete!) In fact, delete any file u find weird created on that tragic date and at that tragic time. Just to be safe..
- After the virus scan (usually it won't find anything..) try restarting in normal mode.
bubbye..
____________________________________________
25/9
i got hit by this obnoxious team of viruses again. Seriously out of the blue, i only have the normal websites tab on my Mozilla. Probably it's bcoz of this new place...
Symptoms:
- Windows asking my permission to let some program run keeps popping up.
- An unknown antivirus suddenly appears (just like before) telling me i have tons of viruses in my pc.
I didn't let any of those programs run, and since this time Ctrl-Alt-Delete works,
i get to see which programs want to ruin my lovely day without having to go to safe mode.
As i said before, most viruses from the internet will reside in Appdata\Local\Temp, so i went there and tried to delete everything that came today. Some refuse to be deleted, but u just have to stop their processes through the system manager.
Some badass programs can easily be recognized, some are a bit tricky like the iexplorer.exe..
But u can see their names in the Temp folder, so no matter how useful they sound, u just delete them after stopping their processes. Or right click the suspicious program in your system manager list and see its directory.
For example, this guy came with the name winlogon:
Here's what u have:
- it is run not by the system, but by me.
- its description is a repetition of its name
- its directory is in the Temp folder.
What to do?:
- kick the stop processes button and shift-delete the uninvited App.
Result:
- A lovely Saturday morning (or any day, depending on what day u're on..)
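
The same checks from both episodes (startup entries pointing into Temp, processes running from Temp and who runs them, executables created on the bad day) as a read-only PowerShell listing. This is an added example, not part of the original post; the `$day` value and the `$exts` extension list are assumptions to adjust.

```powershell
# Added example: read-only listing, nothing is stopped or deleted.
$tempPattern = '\\AppData\\Local\\Temp\\'     # folder named in the post (regex, case-insensitive)
$day  = (Get-Date).Date                       # assumption: set to the date the trouble started
$exts = '.exe', '.scr', '.bat', '.cmd'        # assumption: what counts as "executable" here

# 1. Startup entries (what msconfig's Startup tab shows) whose command points into Temp.
Get-CimInstance Win32_StartupCommand |
    Where-Object { [Environment]::ExpandEnvironmentVariables([string]$_.Command) -match $tempPattern } |
    Select-Object Name, Command, Location, User |
    Format-List | Out-Host

# 2. Running processes started from Temp: who runs them, and what the file claims to be.
Get-CimInstance Win32_Process |
    Where-Object { $_.ExecutablePath -match $tempPattern } |
    ForEach-Object {
        $owner = Invoke-CimMethod -InputObject $_ -MethodName GetOwner
        $info  = (Get-Item -LiteralPath $_.ExecutablePath -Force).VersionInfo
        [pscustomobject]@{
            Name        = $_.Name
            ProcessId   = $_.ProcessId
            RunBy       = '{0}\{1}' -f $owner.Domain, $owner.User
            Description = $info.FileDescription   # compare with Name, as in the winlogon case
            Company     = $info.CompanyName       # the "manufacturer" column in msconfig
            Path        = $_.ExecutablePath
        }
    } |
    Format-List | Out-Host

# 3. Executable files created in Temp on the day in question.
Get-ChildItem -LiteralPath $env:TEMP -Recurse -File -Force -ErrorAction SilentlyContinue |
    Where-Object { $exts -contains $_.Extension -and $_.CreationTime.Date -eq $day } |
    Sort-Object CreationTime |
    Select-Object CreationTime, Length, FullName |
    Format-Table -AutoSize | Out-Host
```

It needs PowerShell 3.0 or later, and an elevated prompt so the path and owner of processes under other accounts can be read.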
1 comment:
Ya..good to avoid from reformat...good job:)