Virus question

Mirc

Somehow I got a very nasty virus on my computer... don't know how or why.

When I start my computer, it automatically changes my desktop to blue with a box in the middle saying something about my computer being infected with malware (it's not the same message every time, so I can't tell exactly, next time when I'm going to restart my computer I'll check).

And after 10 minutes, instead of a screen saver (which I don't have, I turned it off long ago), I see BUGS moving around the screen and "eating" parts of it turning them into blue. Of course, that goes away as I move my mouse, but it's incredibly annoying.

Apart from that, I get an extremely annoying thing in my system tray called "Advanced XP fixer" that keeps telling me to buy a license to continue using it.

And I also got a "Malware protector 2008" program in my program files that of course, I didn't install there, however, those two might be unconnected with the bugs running on my screen - might be a totally different virus/spyware/whatever.


However, THE MOST ANNOYING THING BY FAR is that I can't access my Task manager. Whenever I press Ctrl+Alt+Del or anything else supposed to bring the Task Manager up, I get a message "Task manager has been disabled by your system administrator". Of course, the user I'm using is the ONLY user on this system and thus it has full admin privileges, yet I can't change that!


What can I do? This is driving me mad!! :mad:



Oh and I checked my system with Norton Antivirus, Kaspersky, and nod32 (and AdAware for the spyware/adware), yet NONE found ANYTHING. They see my computer completely clean!!! [pissed]

Please help, I don't really know what I can do. :aargh:
 
Your best bet is to reinstall Windows. In my opinion it's best not to trust a system that's been compromised like that. If you want to be really paranoid you could zero out the hard drive, but I imagine just reinstalling Windows would suffice.
 
I recently dealt with a nasty case of the "Vundo" virus (apparently) and this program eliminated it for me:

http://www.malwarebytes.org/mbam.php

It was recommended on a number of sites. I also saw several recommendations for superantispyware as Zelig mentioned, and HijackThis was also helpful in putting me on the right track to find out where the problem was. The following is helpful if you feel confident enough to read the log yourself:

http://forums.majorgeeks.com/showthread.php?t=38752

And the following database of startup programs is also helpful:

http://www.sysinfo.org/startuplist.php

Along these lines this whole process has made me wonder if there is truly an effective all in one (free?) anti-malware solution out there; I recently upgraded to AVG 8.0, which I find useless and annoying as it didn't solve my most recent problem, so I am looking for alternatives. Anyone know of any that are the complete package?

edit: I also remember reading that AVG and Superantispyware will conflict, i.e. AVG will erroneously say superantispyware is a virus... is this true? I am planning on trying out superantispyware to compare to MBAM so I was curious.
 
Along these lines this whole process has made me wonder if there is truly an effective all in one (free?) anti-malware solution out there; I recently upgraded to AVG 8.0, which I find useless and annoying as it didn't solve my most recent problem, so I am looking for alternatives. Anyone know of any that are the complete package?

Linux is free, and a good anti-malware solution. ;)

Honestly, prevention is a much better solution than removal of malware. Don't install any programs if you aren't absolutely certain they're safe, don't open any email attachments if you aren't absolutely certain they're safe, keep your OS and all your software up to date, follow good habits for passwords, etc.

The best of software isn't going to be able to stop malware completely, unless users are completely disallowed from making system changes. (a la deepfreeze)

My recommendations for free real-time scanning go to Avast and Windows Defender.

Personally, I haven't run any type of realtime anti-malware or anti-virus software in years, and I haven't had any malware or viruses in that time, simply from practicing safe computing habits.

edit: I also remember reading that AVG and Superantispyware will conflict, i.e. AVG will erroneously say superantispyware is a virus... is this true? I am planning on trying out superantispyware to compare to MBAM so I was curious.

Superantispyware isn't a virus; flag it to AVG if you feel like it. In any case, I'd recommend Avast over AVG; I've had fewer problems with it overall.
 
I had the exact same virus on the 12th. I used Superantispyware in safe mode to get most of it. The virus knows to block their site though so I had to use download.com to get the file. I also had to go through the manual process of updating the definition files. That got a chunk of it.

Then, I used smitfraudfix to get rid of a few other parts.

Then I got adaware to get another couple parts.

All these were run in safe mode (superantispyware would crash my system if run off a normal boot). This got rid of the worst of it (the background hijack and 'unsafe system' pop-ups). I then had ads popping up using IE and it would redirect my searches through Google. Also, you may need to fix the registry item for the task manager to be accessible again.

I used spyware terminator to get rid of the worst of what was left and this allowed superantispyware to run normally. It got a bit more, adaware got another piece of it.

End result, lots of lost hours, but everything is acting normal again and all the scans are clean :)
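
The registry item mentioned above is, on a standard Windows install, the `DisableTaskMgr` policy value. The PowerShell below is an added example, not part of the original post: it reports that value under the per-user and machine policy keys and clears it only when run with `-Fix`. Checking `DisableRegistryTools` (the value that blocks regedit) as well is an assumption added here, not something the poster mentioned.

```powershell
# Added example: audit, and optionally clear, the policy values that
# disable Task Manager. Report-only unless -Fix is given.
# Changes under HKLM need an elevated prompt. On a managed machine these
# values may be set deliberately by Group Policy and will be reapplied.
param([switch]$Fix)

$policyKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
)
# DisableRegistryTools is included as an assumption (see lead-in).
$valueNames = @('DisableTaskMgr', 'DisableRegistryTools')

foreach ($key in $policyKeys) {
    if (-not (Test-Path -Path $key)) {
        Write-Output "$key : key not present"
        continue
    }

    $props = Get-ItemProperty -Path $key
    foreach ($name in $valueNames) {
        $prop = $props.PSObject.Properties[$name]
        if ($null -eq $prop) {
            Write-Output "$key\$name : not set"
            continue
        }

        Write-Output "$key\$name = $($prop.Value)"

        # A non-zero value is what produces the "disabled by your
        # administrator" message; removing the value restores the default.
        if ($Fix -and $prop.Value -ne 0) {
            Remove-ItemProperty -Path $key -Name $name
            Write-Output "  removed $name"
        }
    }
}
```

If the value comes back after a reboot, something is still running that rewrites it, so the cleanup is not finished.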
 
I got the same virus sometime last month!

I didn't know about superantispyware then, so I backed up what I could in safe mode (it still let me use my CD burner.) and wiped the system.

I use spybot search and destroy. It comes with a useful utility called "TeaTimer" that warns you about registry changes and lets you block them. If it pops up out of nowhere and has an unfamiliar name, block it. (Sometimes Google Updates pops up, so that's why I said unfamiliar name.)
 
Thanks a lot DoM!!! (and everyone else who posted here!)

I think I solved it (my way, before reading your advice here, because I didn't have an internet connection for a few days). I don't have time to run a thorough check right now, but I will as soon as I get the chance. At least the symptoms seem to be gone, but who knows if that means in fact that I got rid of it all. I'll see. :)

Thanks again.
 
Dang, I don't have admin privileges so I can't get it going, any other way to install it?
 
If you can get a "portable" version (dunno if there is), you can run it without installing.

Or maybe try a bootdisk.
 