Technical Noob in Need...

Discussion in 'Tech Support' started by Mindless, Dec 21, 2007.

Not open for further replies.
  1. Mindless

    Mindless Big Boss DLP Supporter

    Joined:
    Dec 31, 2006
    Messages:
    1,355
    Location:
    United States
    So, I'm an idiot. I've managed to infect myself with some sort of adware/spyware, which is slowing me down, has disabled my task manager, and keeps changing my background to try to induce me to download a "security cleaner." Help?
     
  2. Antivash

    Antivash Until we meet again... DLP Supporter Retired Staff

    Joined:
    Apr 2, 2005
    Messages:
    6,957
    Location:
    Ghost Planet
    Solution:

    Stop going to porn sites and start torrenting instead. :p
     
  3. Mindless

    Mindless Big Boss DLP Supporter

    Joined:
    Dec 31, 2006
    Messages:
    1,355
    Location:
    United States
    Yeah, that helps.
     
  4. Amerision

    Amerision Galactic Sheep Emperor DLP Supporter

    Joined:
    Apr 1, 2006
    Messages:
    2,541
    Location:
    The Gardens in the Desert Sand
    Download HijackThis, run it, and post the log.

    We'll start from there.
     
  5. Shezza

    Shezza Renegade 4 Life DLP Supporter

    Joined:
    Dec 12, 2005
    Messages:
    1,342
    Location:
    Australia
    Okay, just by the sounds of it, you might have a variation of a trojan called Vundo. There's a program called VundoFix somewhere around that might be able to help you.

    EDIT: http://www.atribune.org/content/view/24/2/

    A good solution would be to copy and paste the exact message you get on your desktop and Google it. Chances are somebody has had the exact same problem and posted on a forum or board somewhere, and somebody else has given them a specific solution. Problem solved.


    Of course, it might be easier to save everything you need to CD/USB and format.
     
    Last edited: Dec 21, 2007
  6. Dryops

    Dryops Second Year DLP Supporter

    Joined:
    May 29, 2007
    Messages:
    73
    Location:
    United States
    This sounds similar to a virus one of my friends picked up a few days ago, safenavweb. If it changed the background to a biohazard sign and is giving you warnings about viruses found, as well as disabling task manager, odds are this is it.

    If this sounds like it, one solution can be found here


    In my friend's case, we took a look at it, and decided it was simply more efficient to copy everything needed, and format.
     
  7. Murton

    Murton DJ OEM DLP Supporter

    Joined:
    Feb 28, 2006
    Messages:
    1,270
    Location:
    Newcastle, NSW, Australia
    Get AVG, Spybot, Adaware and CCleaner. Update them and run. Problem solved.
     
  8. Samuel Black

    Samuel Black Chief Warlock

    Joined:
    Feb 22, 2007
    Messages:
    1,505
    *sigh*

    I had this problem, earlier on in the year. I downloaded AVG and Adaware and others, etc., etc., and I never could get rid of it completely. Trust me on this. You're better off just saving what you want and wiping your computer. Much easier and twice as fast.

    In my case, I just saved everything I wanted on an external HD and hooked it up to a friend's computer and scanned it to make sure the virus hadn't corrupted any of those files. That's probably your easiest solution.
     
  9. Murton

    Murton DJ OEM DLP Supporter

    Joined:
    Feb 28, 2006
    Messages:
    1,270
    Location:
    Newcastle, NSW, Australia
    Of course a fresh install will always be better, but doing these things in the first place will allow you to avoid these retarded problems in the first place. Seriously, you only ever hear of people who know nothing about proper computer maintenance getting infected with viruses, then you find out they don't protect their computers at all and go to dodgy sites and install dodgy programs all infested with spyware, then use Limewire to download their dodgy pirated material, which is full of viruses.
     
  10. Antivash

    Antivash Until we meet again... DLP Supporter Retired Staff

    Joined:
    Apr 2, 2005
    Messages:
    6,957
    Location:
    Ghost Planet
    Limewire. o.o

    Why the fuck do people still USE Limewire? It's as bad as KaZaA was. There are better ways of getting shit, after all.

    My suggestion: eXperience's 50-in-1 Windows DVD (so long as you have the proper, legal credentials to own the software). It comes bundled with a lot of good Anti-Spyware/Virus/Adware programs and a good firewall. Install Windows, install the software, don't go to porn sites, stop using Limewire, and don't be a n00b.
     
  11. yak

    yak Moderator DLP Supporter Retired Staff

    Joined:
    Jul 28, 2007
    Messages:
    4,001
    Location:
    Australia
    This kind of desktop hijacker sounds like a SmitFraud variant. My parents' PC got owned by the Biohazard-background version with lots of virus-warning popups and IE redirects (Safenavweb probably, they also had Generic.Zlob and others).

    http://en.wikipedia.org/wiki/SmitFraud

    Cleaning this PC was NOT EASY. There is no cure-all program (format c: aside). SmitFraudFix was a great help. It removes a large list of SmitFraud related malware.
    http://siri.urz.free.fr/Fix/SmitfraudFix_En.php

    This site contains some more info on removing SmitFraud, Zlob, etc style malware.
    http://www.bleepingcomputer.com/forums/topic17258.html

    As you might expect, my parents' PC was infected with many other pieces of malware (including key-loggers - DON'T DO ANY ONLINE BANKING or use any passwords that you want kept a secret until your PC is clean). Often one or more pieces of malware will act as gateways to allow other malware to install silently and undetected no matter how up-to-date your Internet Security system is. They had several malware gateways on their PC; one of them was masquerading as a video codec.

    Their computer was being blocked from updating and downloading a lot of antivirus updates etc. This may have been due to a hijacked HOSTS file, I'm not sure. I had to do a lot of work in Safe Mode With Networking to clean the PC. Even there I was still being affected by some malware while running scans and cleaning the system.

    If you have multiple infections remember to scan, clean, and scan again. Every time you remove one piece of malware with one anti-mal program, that's just more time for the rest of the malware to spread further or re-infect previously cleaned files. It is indeed like fighting a hydra.

    No free anti-mal program will catch and cure them all. You'll need to use a multi-pronged approach at least until all of them scan the PC and find no problems. The first time I thought the PC was cleaned the Smitfraud infection was back within 24hrs. I did eventually clean it out. Rootkits suck. I think MS had a small anti-rootkit scanner which I used. A quick Google later, and I found it: it's the SysInternals Rootkit Revealer.
    http://www.microsoft.com/technet/sysinternals/Security/RootkitRevealer.mspx

    After you've cleaned your PC (whether by formatting or cleaning it), you need to put some security measures in place to stop it happening again. Norton does not cut it. Although, I must admit that Norton Internet Security 2007 is leaps and bounds above previous iterations.

    Free Anti-Malware. Microsoft Windows Defender is based on the old Giant Anti-Spyware. I haven't had any problems with it. It should be a part of your scanning and cleaning process. I'm assuming that you're running an authenticated copy of Windows XP. If you're not, it's best to tell us now so that we can make other suggestions.

    Fuck Internet Explorer up the arse then slit its throat and leave it to bleed out in a drainage ditch. The same goes for Outlook. There are plenty of other programs which will do the same thing without the risks. The latest Firefox Beta for a standalone browser. Opera and Thunderbird for combined browser/email/usenet etc.

    Personally, Opera 9.50 Beta. Very secure. ;)

    Free Anti-Virus, I use AVG Free. I'm sure there are plenty of other free antivirus programs which are just as good. Please do a basic google search on your chosen AV package to make sure that it's not just malware in disguise.

    Free Firewall. Outpost and Sygate are both supposed to be quite good.
    http://www.majorgeeks.com/download.php?id=34&sort=25
    Only go for freeware. I don't know what ZoneAlarm is like now, but back in the day it was headed straight for bloatware. The Windows firewall isn't worth a good goddamn. Disable it so that it doesn't interfere with your real firewall.

    More good security software from SysInternals (now owned by Microsoft) such as the AutoRuns and Process Explorer can be found here:
    http://www.microsoft.com/technet/sysinternals/securityutilities.mspx?wt.svl=featured

    If you opt for a full retail Internet Security Suite... I'd probably go for Kaspersky or F-Secure. They both have good reps. I haven't used either of them because I'm a cheapskate and am reasonably happy with my cobbled together patchworked internet security system. Yes, PISS.

    http://en.wikipedia.org/wiki/Kaspersky
    http://en.wikipedia.org/wiki/F_secure

    From Wikipedia:
    Kaspersky Internet Security 7 includes a built in option called "Roll-back" technology. When an infection is detected, it will give you the option to "Roll-back", which will take your computer back right before the infection was detected, so it's as if it never touched your computer. Having this option makes it be able to get rid of threats other software can't. An example being Smitfraud-C., which was an epidemic for most companies.

    You can see how this might have been handy in your case. A one-click cure all.

    After all of their trouble with malware, my parents bought a new PC with Vista (and carried over their Norton Internet Security 2007). For all of its other flaws, they've never had to call me over to clean it or do any other software related tech-support except for backups and transferring files and settings from their old XP box. They have had unrelated hardware issues though.

    It's a wait and see game to watch how malware authors adapt to Windows Vista and how quickly MS et al can plug those holes.

    I don't have the patience (or knowledge to tell the truth) to go through HijackThis! logs. If you find people who are both competent and willing... treat them like kings.

    Yak.
     
    Last edited: Dec 22, 2007
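
A check for the hijacked HOSTS file suspected in the post above, as an added example that is not part of the thread: it parses a HOSTS file and flags any entry that pins a security or update hostname to loopback, 0.0.0.0 or some other address. The domain names, the watch list and the sample file are constructed placeholders.

```python
import ipaddress

# Constructed sample of a tampered HOSTS file; every domain is a placeholder.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
127.0.0.1       update.av-vendor.example     # constructed entry
0.0.0.0         www.av-vendor.example download.av-vendor.example
203.0.113.7     windowsupdate.example
192.168.1.20    nas.home.example
"""

# Hypothetical watch list: hosts that should resolve through DNS, so any
# static mapping for them in the HOSTS file deserves a look.
WATCHED_SUFFIXES = ("av-vendor.example", "windowsupdate.example")


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in a HOSTS file."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, then tokenize
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # malformed line, not a mapping
        for name in fields[1:]:                 # one address may list several names
            yield line_no, ip, name.lower().rstrip(".")


def suspicious_entries(text, watched=WATCHED_SUFFIXES):
    """Return (line_no, ip, hostname, reason) for each watched host that is overridden."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if not any(name == s or name.endswith("." + s) for s in watched):
            continue
        # Loopback or 0.0.0.0 blocks the host; any other address redirects it.
        reason = "sinkholed" if ip.is_loopback or ip.is_unspecified else "redirected"
        findings.append((line_no, str(ip), name, reason))
    return findings


if __name__ == "__main__":
    for finding in suspicious_entries(SAMPLE_HOSTS):
        print("line %d: %s -> %s (%s)" % finding)
```

On Windows XP and later the file is `%SystemRoot%\System32\drivers\etc\hosts`; read it from Safe Mode or an offline boot and pass its contents to `suspicious_entries` with your own watch list.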
  12. Mindless

    Mindless Big Boss DLP Supporter

    Joined:
    Dec 31, 2006
    Messages:
    1,355
    Location:
    United States
    And yak wins the golden prize. Smitfraud it was, and my problems stemmed from the registry, which is something I don't normally play in. But I'm all better now.

    Oh, and for the record, this particular virus came from me trying to find a good SS2 download.
     
  13. yak

    yak Moderator DLP Supporter Retired Staff

    Joined:
    Jul 28, 2007
    Messages:
    4,001
    Location:
    Australia
    Serious Sam 2? System Shock 2? The suspense is ki... well, no, just curious is all. You can't leave it as ambiguous as just SS2!

    Yak.
     
  14. ssofteng8

    ssofteng8 Guest

    -spyware snip-
     
    Last edited by a moderator: Dec 17, 2008
  15. Tehan

    Tehan Avatar of Khorne DLP Supporter

    Joined:
    May 22, 2007
    Messages:
    3,742
    hi,
    sound like you have necropost problem
    try not posting in year-old threads
    it will solve your problem
     
  16. World

    World Oberstgruppenführer DLP Supporter Retired Staff

    Joined:
    Apr 19, 2006
    Messages:
    3,336
    Location:
    Axis of Evil (Original)
    WTF? The problem has been solved years ago, I wouldn't trust that first site, and the second is even lulzier ("Cleaner Magazine - For Residential, Municipal and Industrial Sewer Cleaning Contractors - Articles in the December 2008 issue")

    Oh yeah, locked.
     