My computer might be hit by virus

[Dida]

I think my computer is hit by virus, lately, these symptoms have manifested themselves:

1) message from VirusScan popping every so often tell me so and so file is infected and will be deleted.
2) when I do Ctrl + Alt + Del, it says "Task Manager has been disabled by your System Administrator", but I have not disabled Task Manager, in fact, I don't know how to disable it.
3) I just got a message popping up saying "process Kernel88.exe has encountered an error and will be shot down". This process sounds fishy, I think it might be a malicious process running in the background.

I updated VirusScan and ran a full system scan, nothing turned up. My computer has not experienced any slow down. What should I do now?

 

[Genocidicbunny]

Are you on the administrator account? if not, try checking task manager on there.
Get Hijackthis
You can post the log on here, or on the site where you downloaded it from. SOmeone will help you got hrough it and find the bad stuff. Also run SPybot and avast/avg antiviruses (google them)

 

[soul_warrior]

try to:

* boot in SAFE MODE (use the F8 key to choose it)
* delete contents of your temporary files.
those are usually at these 2 folders:
C:\Documents and Settings\YOUR USER\Local Settings\ TEMP
C:\Documents and Settings\YOUR USER\Local Settings\ TEMPorary internet files
viruses, especially trojans and malware, have atendancy to reside there.

* scan your PC (still in safe mode) with your AVG.
IIRC, AVG has ceased its free AV, so it might be outdated.
another FREE AV (you need to register and renew license every 14 months) is AVAST and can be downloaded HERE.

if that wont help, you'll probably need to dig into your registry.
carefully!

go to: start > run. type regedit

BACK UP YOUR REGISTRY
file > export > save it with a name you can remember and place you you will find if needed.

navigate to these 2 keys:
HKey_local_machine\software\microsoft\windows\current version\run
HKey_current_user\software\microsoft\windows\current version\run

see if you find any abnormal entries. names are usually close to the applications you run at start up, like :skype, msnmsgr, avg, etc.

you can safely delete all the entries (on the right hand side) except for (default)
valid applications will renew the entries on the next bootup.

hope this helps,
Troy
Soul Warrior

 

[Nixnutz]

Defnintely got something going on there, especially since the task manager was shut down.

The HiJackThis suggestion is the best bet. There are any number of forums out there....SpywareWarrior is a good start....CastleCops, SpywareInfo all have HiJackThis forums and folks who really know what they are doing.

Couple of other things that can be done include -

On line scans such as TrendMicro's Housecall - http://housecall.trendmicro.com/
and Ewido (now part of Grisoft) http://www.ewido.net/en/onlinescan/

Download and run the ol' standbys Spybot H&D and AdAware.

Download and install a little program called WinPatrol from BillP Studios. This is a dandy little program that helps block a lot of garbage from installing on your machine.​

One piece of bad information......Grisoft has not discontinued its free version of AVG....it is available here - http://free.grisoft.com/doc/1
My employer offers McAfee's VirusScan free to employees, but I recommend that our users go for the AVG. It does a real good job and doesn't require anywhere near the system resources that the McAfee product needs. It also plays nicer with other anti-malware programs.

Something else to remember when you're cleaning up the XP machines - disable System Restore. There have been some arguments for not doing this, however, every XP machine I've cleaned up required it.

 

[Chairman Meow]

All of the above advice may work, but in your case, the best option may simply be to backup your files and reinstall Windows. Many of the newer viruses are able to embed themselves so deeply into the OS that you can never really be certain that they're gone.

 

[Nixnutz]

All of the above advice may work, but in your case, the best option may simply be to backup your files and reinstall Windows. Many of the newer viruses are able to embed themselves so deeply into the OS that you can never really be certain that they're gone.

This is true, however I find it preferable to take a crack at cleaning a machine before going through the aggravation of a reinstall.

By the way.....I did find a fix for Dida's problem...

http://forums.spywareinfo.com/lofiversion/index.php/t91533.html