KermMartian wrote:
Sadly, I somehow contracted a computer virus this evening on my laptop. I don't know how it got there; when I got it, I was browsing Reddit, so I suspect whatever link I clicked on Reddit that suddenly triggered a Firefox zero-day exploit of sorts. Avast! managed to block three instances of it installing itself in places in my directory structure, and Spybot S&D successfully repelled it from becoming a startup service, but it managed to wipe my Start Menu, remove my desktop background, delete my taskbar settings, icons, and pinned items, and un-validate my Windows install. It then popped up 200 "Delayed write failed" messages for some reason before I pulled my battery to hard power-down my laptop. Three Avast! safe mode / boot mode passes later, and several helpful forum threads past, I have my laptop back in order, and to be on the safe side, I changed all of my passwords (ugh, what a pain), just in case the virus sent out my saved passwords somewhere. I'm hoping everything is clean now, but I'm very concerned, as I always am when I get a virus.
What about you guys? Have you gotten viruses? What do you do?
BAWWWWWWWWW Don't visit the butthole of the internet known as reddit and you won't have these kind of problems.
seana11 wrote:
I have linux. I am pretty much immune. Hehe.
I feel as if I need to provide input here... Linux-based operating systems aren't much more secure than other operating systems. The primary reason there are so many fewer viruses for Linux-based operating systems is the small market share Linux has. Most people use Windows, and Mac OS X follows behind. There are surely plenty of exploitable areas in the Linux kernel, and when the end user installs the software he or she uses, even more exploits are available. The main method for tampering with a Linux system is to lead the end user to perform some insanely stupid task, which inexperienced Linux users may actually do. If Linux gains a significant amount of the market, I highly doubt it would be nearly as safe from malware.
To add my input on getting viruses, I've had a few issues with them. One of the most annoying ones I've had was a recent occurrence: It was one of the scareware false anti-virus programs, and it was on my school computer... I was unable to remove it because of two things: I was not an administrator, and seemed to be using NTFS' ADS feature to avoid simple deletion. It was inside of my Application Data folder, which I could not remove while I was using the PC, and was unable to boot from live Linux media. So I was stuck with a virus on the weekend while I needed my school tablet to do homework, and was interrupted by the virus fairly often.[/list]
I downloaded a document from my school site, and this was running in the background as a self extracting archive.
Code:
Extracting ControlPanel.exe
Extracting Languages\chs.dll
Extracting Languages\cht.dll
Extracting Languages\csy.dll
Extracting Languages\dan.dll
Extracting Languages\deu.dll
Extracting Languages\esp.dll
Extracting Languages\fin.dll
Extracting Languages\fra.dll
Extracting Languages\ita.dll
Extracting Languages\jpn.dll
Cannot create Languages\jpn.dll
Extracting Languages\kor.dll
Extracting Languages\nld.dll
Extracting Languages\nor.dll
Extracting Languages\plk.dll
Extracting Languages\ptb.dll
Extracting Languages\ptg.dll
Extracting Languages\rus.dll
Extracting Languages\sve.dll
Extracting Languages\trk.dll
It _looks_ harmless, which means it could be very good. I am running a scan now . Is this a possible virus or am I just paranoid?
Also, so far nothing different about my pc.
I used to get those fake antivirus things a lot, until I starting using Windows 7. Back when I did get them, running ComboFix was always enough to destroy them(although sometimes I had to reset some settings to get back on the internet). Unfortunately, my brother's computer still runs XP, and a recent virus attack put a rootkit in the TCP/IP stack. ComboFix got rid of it, but now it won't connect to the router or the internet, reporting an invalid IP Address. I've tried several System Restore points, all of which failed, and I've tried uninstalling and reinstalling the network driver, to no avail. I would reformat/reinstall windows but this computer no longer has a DVD-ROM drive(I replaced it with a second hard drive for extra storage). Any ideas?
Yeah, temporarily Put the DVD rom drive back in. :p
My mother still gets those fake antivirus messages, and she is on Windows 7. Perhaps you're just doing things differently on your new OS, or the virus wasn't actually removed and just repropagating itself on that computer?
How to remove the Windows [Version] Anti-virus Trojan
Install Spybot Search & Destroy
Update
Mode > Advanced
Tools > Proccess list
Note suspicious process file location and then kill the process.
Tools > Secure Shreader
Add the file you noted to the list and shred it.
Run a scan to check for other issues.
If you can't kill the process there are a few ways to get around this, on windows & just use another user, for XP you could try safe mode or another user
Actually, I would recommend this
1. Check of you can open task manager or your anti virus software. If the virus prevents this "hurrr tskmanager is not safe durrr" then
2. Boot into safe mode and install avast
3. Schedule a boot scan from avast while in safe mode
4. Now restart and the boot scan should start. This is an in-deph scan, but should get rid of all fake anti-virus software/all viruses
Frankly, I've never had a problem using ComboFix(which operates in much the same fashion as an Avast! boot scan). Contrast this with Avast!, which has failed me many times. The problem I have now is damage left over from a virus, not a virus itself.
My removal process for the fakeav is usually along the lines of:
[Windows key] / Navigate to '* Computer'
Go to %windir%/system32/
Find taskman.exe and copy it someplace
Rename it explorer.exe and then run it
Find all strange processes and open up the path that they are in
End said tasks and then delete said files
Q.E.D.
Most of this has to be done with the keyboard, as fakeav usually blocks the mouse with an obnoxious window that encompasses the full screen and is set to stay on top, so clicking gives focus back to fakeav.
There was an annoying virus I had when I was in high school. For some reason, this virus only got active when I uninstalled the Norton Antivirus. It was pretty annoying and any time I wanted to boot my computer, the system gave me an error alerting of a virus threat.
Fortunately, I haven't had no viruses since I installed Linux on my computer. That was really fortunate.
CharlieMAC wrote:
There was an annoying virus I had when I was in high school. For some reason, this virus only got active when I uninstalled the Norton Antivirus. It was pretty annoying and any time I wanted to boot my computer, the system gave me an error alerting of a virus threat.
Fortunately, I haven't had no viruses since I installed Linux on my computer. That was really fortunate.
This post is full of funny.
Did you ever figure out where you got the virus from?
Kerm, I suggest using "Malware Bytes Anti Malware" (MBAM). It offers a few different types of scans. You can quick scan or full scan. It also allows you to scan any drives you want, (Flashdrives, Cd drives, HDD). I've been able to fix virus filled computers with that program. Give it a try
joshie75 wrote:
Kerm, I suggest using "Malware Bytes Anti Malware" (MBAM). It offers a few different types of scans. You can quick scan or full scan. It also allows you to scan any drives you want, (Flashdrives, Cd drives, HDD). I've been able to fix virus filled computers with that program. Give it a try
It's not bad, but it's not as good as my MSE + Avast combo, in my opinion. I'm happy to say that this virus is long since gone.
comicIDIOT wrote:
CharlieMAC wrote:
There was an annoying virus I had when I was in high school. For some reason, this virus only got active when I uninstalled the Norton Antivirus. It was pretty annoying and any time I wanted to boot my computer, the system gave me an error alerting of a virus threat.
Fortunately, I haven't had no viruses since I installed Linux on my computer. That was really fortunate.
This post is full of funny.
Did you ever figure out where you got the virus from?
I have no clue. I never figured it out. The only solution to kill that dirty virus was applying format c: HAHAHA.
I also remember that I got a virus when I installed Worms World Party. The CD was contaminated with malware and it looked like a dump.
Another thing: is it true that viruses can damage the system while they're being destroyed by the antivirus?
No, that's not true, depending on what you mean by "damage". They either get removed entirely or remain behind, but they can't do any worse damage than whatever damage they could already do before the antivirus reached them.