yup, got myself a nasty one this time. the fucker disables virtually everything including my windows activation key. works in safe mode, but not with networking
It pretends to be anti virus software and prompts you to buy the professional edition to remove it
It won't let me start avg, services.msc, notepad etc
Any ideas for a fix, anyone? grr lucky I wasn't working on anything major
I was on this hd tv site when it happened. Never had problems with it before
Replies
Spark
damn my usb stick is broken also
Perhaps you should look into that one as well
I've had little to no threats with anything since installing it
Also, just in case you got the shoddiest virus ever, try renaming your AVG exe to anything (1avg.exe or whatever) and then opening it. There are still viruses out there that do things in comically straightforward ways.
To ensure that the system is problem free, and that you do in fact have a completely clean system, the best idea is usually to reformat for a virus that has its hooks as deep as it sounds yours does.
Hope everything works out for ya.
Once you get the infection cleaned up, do a backup, then reformat and reinstall.
so it seems reformatting is the best bet. I don't keep a lot on my c drive but still a pain in the ass.
I just wonder why the fuckers who do this haven't been taken out yet. It's been a few years this has been around.
call me paranoid but when doing google search for fixes to this it might lead me to a site with more virus stuff posing as anti virus:)
good luck with your chosen course!
gonna try Hiren's Boot Disc first then have a look at seforins suggestions
thanks again guys
I had to re authorize windows over the phone, but it didn't take long anyway
Combofix works great, as does Malwarebytes. You might have to rename the .exe files so that the bug doesn't know you are trying to run those programs. (I've seen that before). Combofix will actually create a new restore point for you. But if you use anything, be sure to turn off your system restore or you might reinfect yourself later.
Was called malware doctor that little fuck for the life of me I couldn't get rid of it.
Malwarebytes found it and deleted it but after reinstall same story.
I backed up files on my external hdd so how likely is it that it spread?
And if so, what would you recommend for scanning the drive?
It was MalwareBytes that deleted the activation, actually. I recall having to do this before when updating to XP SP3. The dll was leftover in my downloads folder from then, which is how I fixed the login on a hunch when it got deleted (ie, when MalwareBytes decided to go vigilante). The ANTIWPA.dll fix may be "questionable," but it works. *_*
If you don't want to just call up Microsoft, that is. You shady thing.
It comes in a few different files just in case the virus/malware will not let you run a particular type of file etc.
http://www.bleepingcomputer.com/forums/topic308364.html
The dude that made the program supports it in the above thread.
I stopped running Nod32 a few months ago after 4 years. Went with MSE. Works like a charm.
haha that's a good question. I'm thinking they got it in my system through a java exploit because AVG has been reporting that it has blocked a known java exploit quite a few times in the past 3 weeks, so I'm assuming that's where it eventually got in
I'm also using the NoScript firefox extension now...kind of a pain, but I feel much safer.
Linky
Essentially, Abram invented this kind of shit. There's an article on it here. They've been taken to court numerous times about it, but they're rich and they operate commercially, so make of that what you will.
Kubs solution sounds like the smartest bet, I just wouldn't trust it once you got it back up and "clean". I would reformat and reinstall after you back up. Hopefully you install your OS on a separate drive than where you keep your files so a reformat doesn't lose any data.
I reinstalled XP about a month ago just because I hadn't done it in a while. Even with time to prepare and an image of a base install, it was still a pain. I bought Win7 just for the driver updates ha. It installed like a dream, as it should.
Good luck! Win7 is the way to go, even if "the man" is underhandedly forcing you to update, heh
/conspiracy theory
yeah my files are on separate disk drives so I don't keep many important files on drive c. It's just the whole inconvenience of it. real pain
Actually I could install vista instead of buying 7 but I never got an install disk with my laptop and the laptop is totally fucked now and as I say vista was quite slow for me.
Spark
I stroll through the same hell places of the internet with my laptop and desktop.
They're connected via lan and as it seems only my xp64 desktop was infected and my vista laptop is clean. I find this very shady.
My solution is prevention...
-Use firefox (general users have no clue it exists)
-Install no script add-on (protection against java threats)
-Install (and keep up to date) spybot search and destroy
-Update AV
-Run hijack this from time to time to check for suspicious entries.
A group of vigilantes should follow them around with a bullhorn and scream retarded ads 24/7 right to their face, see how they like it!
I prolly just did something wrong.
No worries though Bearkubs disk thingy did the trick.
Now use that machine as an 'empty box', not storing much on it. Bookmarks can be saved online (Delicious), notes/stickies as well (Google notes), and so on. Then you can use Dropbox to communicate files between the dedicated browsing machine, and your main beefy computer. The desktop only needs Dropbox, you don't even need a browser on it. Maybe a free AV program just to be safe (I use Comodo). You can watch online TV fine on the laptop, by simply putting it on your desk near your main screen.
It really is a relief, and a good side effect is that, it makes you less tempted to browse risky sites on your main machine :P And it frees up power for the workhorse machine too.
Hope this helps!
Go in run some AV soft and get out... or play around and enjoy the experience.
I reformatted a couple times in a row, reinfecting every time I plugged my external in.
If you still have to use that external, never just click on it again. Right-click and choose Explore, or give yourself a shortcut to a folder on that drive.
I remember getting it about a year ago on my laptop as well out of nowhere, strange it's still out there?
It works great as a dedicated browsing machine. Very secure and it boots up faster than my 4 years newer desktop.
Firefox + NoScript and Dropbox all work great. There's even a version of Avast for linux if you want to be extra careful.
I wish I could switch my main work machine to Linux Mint. Unfortunately with linux there's a severe lack of game art creation apps that will run natively or without issues even with things like Wine.
This is awesome. I am actually inspired to maybe do exactly this. thanks!