Malware? Trojan? Adware?, I don't know!! Options

[Fh-Fh]

Mmmkay.

One day, I was in the mood to play Grand Theft Auto. Problem is, I don't have it. So I decided to "legally" dowload it.

Link is here: hxxp: //thepiratebay.org/torrent/4277087/Gr...uto_San_Andreas

BTW Don't dowload it XD

As you can see, people were not too happy after downloading it. Unforunatley, these comments appeared AFTER I dowloaded it. When I saw the comments, my eyes went wide and I slowly dragged the torrent to the trash can and delete it.

Problem solved, right?

Wrong.

A couple weeks later my Peerguardian dissapeared and I started getting these messages that read:

Windows will now Shut Down and restart. This was activated by: NT AUTHORITY/SYSTEM

Then a clock starts counting down from 1 minute and it restarts. I can't close it. I tried to open task manager but another message appeared:

Task manager has been disabled

WTF? How?

After a couple Ad-Aware and Spybot scans, I decided to use my Ace in the hole: System Restore.

I've used it before so I knew what I was doing. I was relived.

Until I found out it was still there.

Now I was mad.

I tried using Regedit but...

Registry Editing has been disabled

This is actually good news. Now I know where this virus is hiding.

So next I did another Ad-Aware scan. After I deleted everthing, I tried using Regedit.

Success!

But now what do I do

I closed it and tryed to open it back up.

No dice.

So NOW I'm using Malwarebytes to get rid of it (as said in the comments).

But still, no dice.

HELP MEE!!!!!

This post has been edited by quietman7: Aug 18 2008, 05:23 PM

[quietman7]

If your computer keeps shutting down on its own, follow these steps to stop the cycle:

• Click on Start > Run and type: cmd
• Press Enter.
• At the Command Prompt type: shutdown -a
• Press Enter.

Shutdowns and random reboots could be malware related or they could be due to hardware or overheating problems caused by a failed processor fan, bad memory (RAM), failing power supply, underpowered power supply, CPU overheating, motherboard, video card, faulty drivers, BIOS and firmware problems, dirty hardware, etc. If the computer is overheating, it usually begins to restart on a more regular basis.

When doing a search on the net for Shutdown initiated by NT Authority\system, you will find thousands of complaints with various causes and possible solutions. What works for one person may not work for another.

Some rootkits have been found to be accompanied by BSOD's and various stop error/shutdown messages so a rootkit check should be performed. I recommend performing a scan with Sophos Anti-rootkit, Panda AntiRootkit or AVG Anti-Rootkit.

Before performing an ARK scan it is recommended to do the following to ensure more accurate results and avoid common issues that may cause false detections.

• Disconnect from the Internet or physically unplug you Internet cable connection.
• Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
• Temporarily disable your anti-virus and real-time anti-spyware protection.
• After starting the scan, do not use the computer until the scan has completed.
• When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.

Note: Not all hidden components detected by ARKs are malicious. It is normal for a Firewall, some Anti-virus and Anti-malware software (ProcessGuard, Prevx1, AVG AS), sandboxes, virtual machines and Host based Intrusion Prevention Systems (HIPS) to hook into the OS kernal/SSDT in order to protect your system. You should not be alarmed if you see any hidden entries created by these software programs after performing a scan.