Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

A Very Malicious Virus


  • This topic is locked This topic is locked
4 replies to this topic

#1 Uberstroker

Uberstroker

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 PM

Posted 26 June 2008 - 12:01 PM

I got the virus when I took a dumb risk on a questionable website and the virus installed itself on my computer. Soon after this occured, the desktop backround changed to a blue field with the letters "Warning! Spyware detected!" Followed by Xp antivirus running. I immediately tried system restore. To my dismay I could only restore back to the point where the virus initially infected itself!

Symptoms:
slowed performance
installation of the fake "xp antivirus" program
cannot run downloaded files (which has prevented me from downloading programs that can help me)
I cannot change the desktop backround
programs that normally load on startup do not (save xp antivirus)
(probably worst problem) My pc won't go into a screensaver mode instead just a black screen forcing me to restart, once I got the blue screen of death)
I cannot connect to the internet (I am using a family members computer)


Steps I have taken: Following a family member's advice I first did some reasearch on the xp antivirus 2008 program. I found that it is a well known fake program designed to scam its victims. I finally found a tutorial on how to remove it from my system on this very site. After I took the steps necessary, I managed to remove all of the xp antivirus files on my pc. However, when I rebooted again, the program was still there and my computer was acting as if I did nothing. When I did another search for the files, I found they were all still removed, which can only mean it is still on my computer. In a last step I tried to run a virus scan to locate any other viruses using the program PC tools Anti virus. Unfortunately I haven't been able to finish a scan because of the problems I have when my computer goes into screen saver mode. Not to mention it won't let download updates. (was at 60% with nothing found)

Situation now: I am still with the same issues that I had when I downloaded the virus. I highly suspect some hidden trojan is the cause of all this. I am strongly considering just formatting my hard drive as it seems to be the only option. I am asking you people to help me through some other options. I'm not really a computer expert so there may be a solution to this that I am unaware of. Any help would be greatly appreciated! :thumbsup:

System specs:
Manufacturer: home built
Processor: IntelŪ PentiumŪ 4 CPU 2.80GHz
Memory: 2048MB RAM
Hard Drive: 370 GB Total (2 harddrives)
Video Card: NVIDIA GeForce 6800 GS/XT
Monitor: Plug and Play Monitor
Sound Card: SB Live! Wave Device
Speakers/Headphones: Logitech
Keyboard: USB Root Hub
Mouse: USB Root Hub
Operating System: Windows XP Home Edition (5.1, Build 2600) Service Pack 2 (2600.xpsp_sp2_gdr.050301-1519)

Note: Since the virus is denying me internet access I unfortunately will not be able to download any programs that may help me through this, so I think the only option is a manual fix.

Edit: Moved topic from XP to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 thrillhouse

thrillhouse

  • Members
  • 1,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Va
  • Local time:07:31 PM

Posted 26 June 2008 - 12:21 PM

http://www.bleepingcomputer.com/forums/t/111715/how-to-remove-xpantivirus-removal-instructions/

good luck

#3 Uberstroker

Uberstroker
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 PM

Posted 26 June 2008 - 01:02 PM

Thanks for the suggestion, but I have already used that tutorial on how to remove it, and it didn't work. I even did it twice! I think it might be some kind of trojan virus that is causing the xp anti virus to keep coming back. I don't think xp antivirus is the root of the problem but rather something else is causing it. A scan by another program told me that a Win.32 trojan was found. Can anyone tell me any manual methods for removing it? If it even exists?

But seriously people, thanks for the attention!!! :thumbsup:

Edited by Uberstroker, 26 June 2008 - 01:11 PM.


#4 thrillhouse

thrillhouse

  • Members
  • 1,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Va
  • Local time:07:31 PM

Posted 26 June 2008 - 03:11 PM

I accidentally put that garbage on my brother's computer and had to have someone analyze a hijackthis log and guide me through getting rid of it. I'd say it's worth a shot at this point if you can get your hands on hijack this.

#5 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,993 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:07:31 PM

Posted 26 June 2008 - 09:57 PM

Hello Uberstroker,

I see that you have an HJT log posted here: http://www.bleepingcomputer.com/forums/t/154478/yet-another-xp-antivirus-removal-dilemma/ Because you have this log posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the HJT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

If after 5 days you still have received no response, then post a link to your HJT log in the thread titled "Haven't Had A Reply In Five Days?".

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users