BZ4's first virus!

Status
Not open for further replies.

BlueZero4

(not a palindrome)
I think it's mostly gone.

I got cocky and was running my machine for a long time without any antivirus software because my mother's Norton subscription had expired and I wanted to personally pick out the new antivirus software myself. I'm lazy so I never got around to it. Naturally, because the virus was what shocked me into my need for antivirus software, running antivirus software was like smuggling in stolen goods: only two could actually run. I booted AVG off my flash drive and used ClamWin off my flash drive, but both missed it. I ended up booting in safe mode just so that task manager would only display the necessary processes. Then I picked out the unnecessary file and killed it.

The virus made a bunch of pop-ups appear trying to say my computer was infected, ultimately trying to get me to subscribe to "Windows Virus Protection 2011" or someodd. I think the end goal was identity theft. Part of this was an icon down in the bottom next to the clock on the right. After I had killed the virus, the icon wouldn't go away so I pulled open task manager and tried shutting down everything I could in hopes of getting that icon to go away. One particular svchost.exe made the computer go onto a minute countdown to reboot after I closed it because its DLLs apparently controlled a vital server process. This may or may not be part of my current problem.

Y'know, I really didn't want to have to come crying to all the SRB2MB tech-wizards, so I've tried to tackle this all by myself, especially because getting the virus was my own fault. See, my computer doesn't know what to do with .exe files any more. So I went into Windows Explorer's Tools -> Folder Options -> File Types, but the "New" and "Delete" buttons are grayed out. Yeah, that seems pretty bad...

Help?
 
Pop-ups telling you that your computer is infected and telling you to sub for an anti-program just screams rogueware/scareware to me. (What's the proper name for it? >_>)

Did you try running Malwarebytes Anti-Malware? Pretty much I use it whenever I get an infection or something, unless Malware blocks it from running, then you have to try and rename the exe for Malwarebytes.

Even though you killed the process of the virus, there still might be traces of it somewhere, such as infected System Restore points.


I think someone who is more of an expert with this kind of stuff could post a better suggestion than me, really. >_>
 
I hate this virus. It happened to my PC twice, and couldn't fully remove it. I think I did the first time though, by finding the proper path to take in the registry. Try searching in Google for the name of that fake antivirus software. There's a few tutorials on how to manually remove it. They sometimes also give you yet another offer of an antivirus software that's meant to remove the fake one, but... yeah.

Sadly, that's the best I can offer you. When it happened again, and got that exe file bug, I decided to format. My computer has two hard drives, and all my stuff is either in D: or in My Documents. It's been quite a few months already, and my computer seems to still be clean.
 
If you took the time to get virus protection software before this incident, it would be easier to deal with. But having had a similar experience myself I can sympathise with how much scareware like this can suck, especially when it has malicious side effects in addition to trying to steal your credit card information.

However, as some advice. It might work if you try starting the computer up in safe mode with networking and acquiring a different anti-virus software to try and finish off the infection for good.
 
Rogue Anti-Virus software is a bitch, RougeAmp has really good rogue videos and I think one is about this. Malwarebytes Anti-Malware is your other best solution and install an anti-virus, I recommend either Kaspersky (Paid), AVG (Paid or Free) or Comodo Internet Security (Free). Safe mode may also need to be used.
 
Malwarebytes' Anti-Malware. Quick Scan then Full Scan. Use Safe Mode with Networking where necessary.

And for real-time security, Microsoft Security Essentials.

Also, yeah, don't kill the Windows Service Host, it kinda runs things.
 
Ahhhh I remember my first virus! Kept gettin popups on my taskbar that said "UNOTHOSIZED ACCESS TO YOUR COMPUTER!" The fact that they spelled unauthorized wrong gave it away.
 
My first virus popped up windows with things that included less words and more....images. I went to cartoonnetwork.com to play games (was really young when it happened) and I guess I typed it wrong. My dad ran over to pull the power cord!=.=

Sent from my Droid using Tapatalk
 
Malwarebytes' Anti-Malware. Quick Scan then Full Scan. Use Safe Mode with Networking where necessary.
I'm pretty sure I need to be able to run .exes for Malwarebytes' Anti-Malware, unless safe mode has an independent registry or something epic like that. Would it be able to fix my registry once it's running?

And yes, I did try to install that right after AVG failed me. I was a good little community member and used my friendly-neighborhood search box to glean the wisdom that has already been spoken. The virus didn't let it run, obviously. It may have in safe mode, but it's too late now!
 
If all else fails, backup whatever you need and reformat.

No no no no no no no no no.

No virus ever should need you to format.

Blue, there's nothing stopping you fiddling with the registry while in Safe Mode. Just fix EXEs in Safe Mode and run MWB.
 
Haha, I remember when my pre-algebra teacher got one of these on his PC. He had it hooked to projectors and speakers, and the friggen thing kept making this screaming noise which always scared the crap out of everyone. His excuse for not getting someone to fix it was that it was in the middle of October and he wanted to scare everyone. :V
 
I forget who it was that originally recommended it to me, but I've used SUPERAntiSpyware to get rid of a couple of really pesky ones. Though I'm not sure if that would help you with your present problem of EXE filetypes not initializing (although if they didn't initialize ever your computer probably wouldn't boot up).
 
Here's what I use.

Avast! 6.0 Free version. (Has some real-time shields, also comes with a Boot-time Scan, if I recall... they updated the Boot-Time scan so it works with 64-bits now.)
SUPERAnti-spyware Free
Malwarebytes Anti-Malware Free

Pretty much with these so far I never had any issues with my computer, and not to mention I scan it before shutting down during the week, or if the computer acts funny and stuff like that.

Of course, you can use whatever else that works for you, although Malware-bytes is a recommended program.
-----
Yea... I went off-topic, sorry, now then...

Does it happen for ALL the EXE programs, or are there certain ones that just don't work? If it's certain ones that don't work, for example, Malware-bytes not wanting to run but a different EXE that isn't an anti-whatever that runs.

*Examples to name a few.*
srb2win.exe(SRB2): Runs
mbam.exe (Malware-Bytes): Doesn't run
Firefox.exe (Firefox Browser): Runs

If that's the case, then I am going to just say that Malware/Viruses are preventing you from running it, I know there are certain viruses that even delete certain EXEs such as the Malware-bytes exe, forcing you to re-install it.

If the virus does block you from running Malware-bytes, try renaming the Malware-bytes exe into something else, like instead of it being "mbam", name it into something such as "randomnamesothiscanrun" and such, and just hope that it runs.
 
I'm pretty sure I need to be able to run .exes for Malwarebytes' Anti-Malware

What you're supposed to do in this situation (last I checked) is to change the extension from ".exe" to ".com".

Last year I had to deal with a similar problem, so I read around and was advised to change the extension to circumvent the exe block. It worked and I was able to completely wipe away the virus.

Things may be different now, but hopefully they aren't.
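
Why the ".com" rename and the "fix EXEs" advice above are related, as an added example that is not part of any post in this thread: Windows launches .exe and .com files through separate registry classes (exefile and comfile), so a change to the .exe association leaves .com launching alone. The sketch assumes that this association is what the infection altered (the thread does not say) and compares a constructed .reg export against the stock values; the sample class name and path are made up.

```python
import re

# Stock Windows defaults for the executable file associations.
EXPECTED_CLASS = {".exe": "exefile", ".com": "comfile"}
EXPECTED_COMMAND = '"%1" %*'
# Per-user classes override the machine-wide ones, so both are checked.
ROOTS = ("HKEY_CLASSES_ROOT\\", "HKEY_CURRENT_USER\\Software\\Classes\\")

# Constructed .reg export: .exe is redirected, .com is untouched.
SAMPLE = r'''
[HKEY_CURRENT_USER\Software\Classes\.exe]
@="fakeclass"
[HKEY_CURRENT_USER\Software\Classes\fakeclass\shell\open\command]
@="\"C:\\sample\\abc.exe\" -a \"%1\" %*"
[HKEY_CLASSES_ROOT\.com]
@="comfile"
[HKEY_CLASSES_ROOT\comfile\shell\open\command]
@="\"%1\" %*"
'''

def parse_reg(text):
    """Return {key path: default value} for each key that sets its default (@)."""
    defaults, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and line.startswith('@="') and line.endswith('"'):
            # Undo the .reg escaping of backslashes and quotes.
            defaults[key] = re.sub(r"\\(.)", r"\1", line[3:-1])
    return defaults

def check_associations(defaults):
    """List every way .exe/.com launching differs from the stock values."""
    findings = []
    for root in ROOTS:
        for ext, expected in EXPECTED_CLASS.items():
            cls = defaults.get(root + ext)
            if cls is None:
                continue  # this hive does not define the extension
            if cls != expected:
                findings.append(f"{root}{ext} -> class {cls!r}, expected {expected!r}")
            cmd = defaults.get(f"{root}{cls}\\shell\\open\\command")
            if cmd is not None and cmd != EXPECTED_COMMAND:
                findings.append(f"{root}{cls} open command is {cmd!r}")
    return findings

if __name__ == "__main__":
    for finding in check_associations(parse_reg(SAMPLE)):
        print(finding)
```

On the sample, both findings concern .exe and none concern .com, which is the situation in which a renamed scanner would still start.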
 
Aw, damn. That's the virus that I stupidly formatted away just after 2.0.1 came out... >=[
Lost a good 5 gigs of decent WADdage I never got back.
 
Just so I'm not leaving you guys in the dark, here's an update about how I'm doing.

I'm currently posting this from my formerly infected computer. I used a combination of Corneliab's ".com" suggestion (which sounded crazy until I tried it) and Cue's Malwarebytes Anti-Malware. MAM picked up more infected files than either AVG or ClamWin. My thanks to both of you. I've also installed AVG Free because MAM doesn't do real-time protection with the free version.

MAM fixed my .exe problem, so I didn't have to do any registry stuff. My one remaining problem is that there's a Windows Security Alert icon in the toolbar (which seems legit) that says I have auto-updates off. Clicking on it gives me the Windows Security Center pop-up which has a "Turn on automatic updates" button. Clicking said button tells me "Oops, the Security Center couldn't change your automatic update settings. Perhaps you'd like to fix it yourself in Control Panel -> System -> Auto Update tab?" So I did that, and the control panel menus say it's enabled just fine, but the warning icon is still in the taskbar. Also, the Security Center still says auto updates are disabled. My thoughts are that it may not really be fixed if all of Windows doesn't agree on it.

Thoughts?
 
I'd actually recommend Microsoft Security Essentials, very resource friendly, especially compared to AVG which can be a real whore and is kinda intrusive by default (putting shit at the bottom of my mail dammit).

Try doing another full scan with MAM and see what happens, just in case.
 
I'd actually recommend Microsoft Security Essentials, very resource friendly, especially compared to AVG which can be a real whore and is kinda intrusive by default (putting shit at the bottom of my mail dammit).

I'd say just the opposite. I simply wouldn't trust a company that flubs security as often as Microsoft to make quality anti-* software. If you want something relatively resource-friendly, try avast!.
 