strange new virus

Started by mthompson82, July 18, 2009, 06:22:38 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

mthompson82

July 18, 2009, 06:22:38 PM
I've encountered a strange new virus on my work computer, home computer, and my girlfriend's computer.  While surfing the internet, suddenly a screen will come up telling me "Warning, visiting this site may harm your computer" then you have the option to click "continue unprotected or get security software".  Without thinking, I clicked the X to close the dialogue box.  Upon doing this, I could not go to any website whatsoever.  Every site would say I am not protected.  Just FYI, on my work computer I'm running a corporate edition of AVG.  I also us Lavasoft.  Initially, AVG was not able to detect anything.  I tried restarting the computer, disk defrag, disk cleanup, and several other standard procedures.  None of this worked so I finally did a system restore to 2 months previous.  This worked for about 2 weeks and suddenly the same thing happened again.  This time, when the message popped up I used control alt delete to close everything without clicking.  I ran all virus scans out of precaution and have not had a problem since then.  

That is, until a few weeks ago the same sh&* showed up on my home computer.  I did the same thing, control alt delete and run all virus scans.  Apparently successful once again.  However, now my girlfriend has the same thing on her computer only she mistakenly chose the option to continue unprotected and she can now no longer go to any website.  I'm at work and have not gotten a chance to try and fix it for her.  What I'm really wanting to know is how this thing is able to install itself so easily.  Nothing malicious was ever downloaded on any of these computers.  Anyone have any ideas?


Edited by winchester73:  Since we don't know if minors visit this site or not, we attempt to police the slang  :)

Paddy

#1
July 18, 2009, 11:24:29 PM
Hi  mthompson82  Please start with this ...And with all the computers effected.

Please download ATF Cleaner by Atribune from http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25 .  Save it to your Desktop.

Run ATF Cleaner

  • Double-click ATF-Cleaner.exe to run the program.
  • Click Select All found at the bottom of the list.
  • Click the Empty Selected button.
  • Click Exit on the Main menu to close the program.
  • Shutdown/restart the computer.



Next Please download Malwarebytes' Anti-Malware to your desktop.


  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.

    Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Please post contents of that file in your next reply.
Next


  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Paddy..
This is one race of people for whom psychoanalysis is of no use whatsoever - Sigmund Freud (about the Irish)

Never argue with a fool, they will lower you to their level and then beat you with experience.

Corrine

#2
July 18, 2009, 11:43:03 PM
As far as the work computer goes, you need to contact the Help Desk where you are employed.  Let's do the other two computers one at a time.  Otherwise, it would get confusing as to which machine we're helping with. 

In response to your question, particularly if a computer does not have all security updates, up-to-date antivirus software and software firewall, it can be infected by a drive-by install.  See Rogue Antivirus - A Closer Look at Win32/Antivirusxp for an example of a drive-by.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Corrine

#3
August 15, 2009, 07:57:49 PM
bekz09,

Your post has been split to a topic of your own.  Please go here to see Winchester73's response:  http://www.landzdown.com/index.php?topic=35507.0


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.
Print
Go Up Pages1
User actions