Two Whole Days of BS

[Wandering Flame]

Almost a Whole Week of BS (lol)

Got infected by pretty much a virus that was probably made the day of the infection. I predict this because I couldn't find even one google result about the malware that I had, which is "windows smart security" that somehow changes itself to Registry Defender 2009 and Antivirus 2010, or both, randomly etc.

It wasn't until this morning someone on the net made a topic about it on CNET and even the suggestions someone gave on it to prevent the virus from disabling virus fighting programs like malwarebytes failed in my case. It didn't do anything (especially when he says to end the processes in task manager under the username that "doesn't make sense" http://forums.cnet.com/5208-6122_102-0.html?threadID=362760) However what if I don't have this one weird username on my task manager? This is why this method fails.

This piece'o **** trojan has been disabling every possible attempt to remove it. EVERY single anti-malware program, even Stopzilla which claims to be uber in erasing viruses can't do anything to this thing.

However when I installed Avast (which deleted the last trojan I had and I had the trojan for probably 5 minutes as opposed to 2 whole days of this bs) it asked me if I wanted it to do a scan after it reboots. Obviously I clicked yes, and this was the very method that got rid of the virus last time.

However more bs, somehow my computer keyboard gets disabled (AND ALL OTHER USB DEVICES DON'T?!) so I can't even freaking delete the trojan when Avast detects it! What kind of garbage is this?

Any help would be appreciated.

 

[zigzag3143]

WF

Only way to be sure is format (or delete partition) and clean install. Is there anything on the drive that you cant live without?

 

[blue75]

man that sux Did you try a-squared free ? b4 I went Vista 64 that thing used to always find something.Not sure about now but back then it found Trojans as well as the top pay versions of the big boys on the block.I see you have a 32 bit OS give it a try.

Thats why I use so much "3rd party" software or whatever you call it.The ridiculous thing is so many of these hackers get hired by big companies or the government.I know this sounds bad but IMO they should be publicly flogged like the old days.I'd be happy to be the one who administers the 20 lashings haha. Then let them go make money being a bastard..... :sa:

 

[stoneys-nutz]

Hello Wandering Flame,
If Avast can find it but the keyboard doesn't work, have you tried the virtual keyboard ?.

http://www.vistax64.com/tutorials/72733-screen-keyboard.html

Hope this helps, good luck and post your results.

 

[lemur]

Can you boot in Safe Mode and perform virus and malware scans there?

 

[JayD]

Try NOD32, and id definatly if it was me just format n re install your OS its better than taking a chance for further infections.

 

[Wandering Flame]

WF

Only way to be sure is format (or delete partition) and clean install. Is there anything on the drive that you cant live without?

That is the PC that has every single thing I want to move over to my laptop, 60 gigs worth. I can't afford to lose anything on it. It has basically 2+ years of memories on it.

man that sux Did you try a-squared free ? b4 I went Vista 64 that thing used to always find something.Not sure about now but back then it found Trojans as well as the top pay versions of the big boys on the block.I see you have a 32 bit OS give it a try.

Thats why I use so much "3rd party" software or whatever you call it.The ridiculous thing is so many of these hackers get hired by big companies or the government.I know this sounds bad but IMO they should be publicly flogged like the old days.I'd be happy to be the one who administers the 20 lashings haha. Then let them go make money being a bastard..... :sa:

I just said on another forum (Avast forums) that whoever made the Windows Smart Security program will rot in hell with Satan. I don't see why God would desire otherwise. This is practically destroying my grades and academic life at the moment.

Hello Wandering Flame,
If Avast can find it but the keyboard doesn't work, have you tried the virtual keyboard ?.

http://www.vistax64.com/tutorials/72733-screen-keyboard.html

Hope this helps, good luck and post your results.

Thanks man, I'll try that out soon.

Can you boot in Safe Mode and perform virus and malware scans there?

Going to have to try that again. FOR SOME REASON, when I tried to...actually I tried for some reason installing Avast first, in safe mode. Keeps saying there's an error. I won't install it (again) and just do a boot scan, if possible...eff this virus to hell.

Try NOD32,

Might as well (no I didn't mean to rhyme haha).

and id definatly if it was me just format n re install your OS its better than taking a chance for further infections.

Only it has 2 years worth of memories and 60 gigs I can't afford losing.

 

[zigzag3143]

WF

I feel your pain. the ppl who write virii should rot in hell. sorry there isnt a easy way out

ken

 

[Wandering Flame]

Thanks...*hugs the cat*

 

[zigzag3143]

Thanks...*hugs the cat*

let me know if I can help

K

 

[Wandering Flame]

man that sux Did you try a-squared free ? b4 I went Vista 64 that thing used to always find something.Not sure about now but back then it found Trojans as well as the top pay versions of the big boys on the block.I see you have a 32 bit OS give it a try.

Thats why I use so much "3rd party" software or whatever you call it.The ridiculous thing is so many of these hackers get hired by big companies or the government.I know this sounds bad but IMO they should be publicly flogged like the old days.I'd be happy to be the one who administers the 20 lashings haha. Then let them go make money being a bastard..... :sa:

Downloaded it, I'm going to transfer it to my bad computer (for some reason I can't ever download any program, at least antivirus programs on my other computer, apparently since it uses wireless internet. However I am able to download pretty much everything else, even huge ass torrent files with it) and at first I thought it was just those programs that never downloaded, but no...avast, trojan remover (which expired and I can never get a new 30 day free trial even via uninstalling it then reinstalling, even though this somehow worked with the professional 30 day period version of avast), and other programs download nicely on this wired computer.

Wonder if anyone knows why trojan remover (one can google the name) can never not display the expiration message. Why can't we uninstall and download it again? Especially since there's a freaking way to renew it ALWAYS before the expiration date, so one could use it indefinitely. Whoever made the expiration on it must have not been thinking.

Hello Wandering Flame,
If Avast can find it but the keyboard doesn't work, have you tried the virtual keyboard ?.

http://www.vistax64.com/tutorials/72733-screen-keyboard.html

Hope this helps, good luck and post your results.

That would be great, except I can't imagine even going to Start > Acessories > Accessiblity > On Screen keyboard on the blue boot screen (time when boot scan is done) where I have to use the keyboard. Also it's not my empty vista laptop that has the infection but the PC running XP with all my stuff on it. Life is gay.

*Edit* thought is worth mentioning that my bro had a CD with a powerful antivirus program on it called Symantec and it apparently is the *full* version and he got it from his university, and it was just a folder I happened to be able to copy it right to my USB drive...(since my cd/dvd drive on my XP infected computer has not been working...since as long as I can remember) let's see what this baby can do. :sa:

OH which reminds me, can my cd drive not working be a result of a virus? It just does not read discs...my cd drive has not been working for a very long time, but I also started getting viruses since last year or before that. Can viruses screw up your CD/DVD DRIVE? Thanks.

 

[Lensman]

You could probably lift those files up while using Knoppix and transfer them to another HD. The virus won't effect the Linux OS, then when you have reformatted C: you can install the OS and AV software, then scan your files

 

[Wandering Flame]

I was thinking of something similar to that. Transfer my valuable data (which I'm able to do) then format the hell out of my computer to get rid of it. I've got a lot of options, and I'm DEFINITELY getting something done today. I'm so pretty determined.

 

[Lensman]

Good luck with it. I have been there/done that a couple of times myself. Didn't want the 'T' shirt.

 

[JayD]

Ken, if you can, burn all the 60Gig to disks or a pen drive thats big enough.

chances of those documents been infected are slim to be quite honest. creators of these viruses intend to cause system damage not files like you have.

i know its not the best thing to do but its worth a shot mate.

once u have all the data backed up. re install ure OS from scratch get the machine up and runnning again.

install a antivirus, id suggest AVG or NOD32

then all you have to do is stick the CD's in 1 by 1 and scan them with ure antivirus or what ever you want to check them with.

(this cant cause infection atall as your not opening the CD)

just right click the drive that has the CD in then scan with: pick ure scanner

i hope this helps.

P.S once you have the data on disk u cant loose it just open it to make sure its all there on the current system. this doesnt matter on the system atm as its allready infected =/ and is very doubtfull the virus will go for it.


edit: just noticed that u have no working CD drive so my option is out the window.

i have another though

go to here: www.skydrive.live.com

upload it all to there i think the limit on space is around 25 GB per Hotmail account:D

with this in mind Create as many as you need to upload all ure data to these servers run by MS and get scanned

Let me know how this goes

 

[Wandering Flame]

It says 50 MB size limit per file...the biggest file I have is over 2 gigs, lol.

Anyway I transported everything. Doubt anything is infected...then again I can scan those whenever with something.

 

[JayD]

It says 50 MB size limit per file...the biggest file I have is over 2 gigs, lol.

I didnt see that well that sucks nvm then lol

Anyway I transported everything. Doubt anything is infected...then again I can scan those whenever with something.

well yeah, do you have your machine re built from scratch?

 

[Wandering Flame]

No...nothing has been done thus far, just was able to do some scans with some programs and they deleted...some things...some cookies, and other stuff, files I never knew existed in wierd folders I didn't know exist, thousands of them...in some directry on my computer. Didn't feel anything though. The only thing I noticed was that my bottom blue bar, where the start menu is, is back to normal. On the night of the infection in changed it to the classic-ass bar you see in safe mode, the angular gray one. That scared me, but somehow I got the blue XP one back, but I don't know the reason for this. The main problem is still on my PC, still disables (not all like before but most) startup items like my linksys adapter for instance, and some other things, and ADDED a new startup item (musicmatch jukebox) which I had disabled for years...retarded, right? You bet.

Yeah it definitely says 50 BM per file limit. I already transferred 40 gigs worth of data with my 16 g usb drive (had to use it several times obviously) so my computer can pretty much be formatted now...if my cd drive was working so I can re-install some programs like for my scanner, so that isn't a smart thing to do.

360 owner, huh? GT is Final Arcana. Add me.

 

[3DPiper]

Can you pull the hard drive and put it in another machine (or external hard drive case) and scan the drive from another machine?

When my notebook got too infected to do anything with, I just scanned/cleaned the drive from a known good desktop.. Trying to scan and clean a drive that you booted from may not let you actually delete the infected files..

-Matthew

 

[Wandering Flame]

Won't I have to open up my computer? I'm having a dude deal with it anyway, soon...