close

Privacy guaranteed - Your email is not shared with anyone.

new virus affecting abilit to run malware cleanup

Discussion in 'The Okie Corral' started by Mr981, Jan 18, 2010.

  1. Mr981

    Mr981

    Messages:
    2,576
    Likes Received:
    688
    Joined:
    Dec 27, 2000
    Location:
    N. Central OH
    somehow, a virus was picked up from an email now is preventing me access to Thunderbird to get email. A pop up pushing AntiVirus Live keeps showing up and I can;t get rid of it. tried to go to my local providers site to get the fix but when I try to run it I get a pop up that prevents me from cleaning it up.

    I ran Avast just now and it showed no bugs..??

    Help.....
     
  2. plasticgunz

    plasticgunz Swollen Member CLM

    Messages:
    590
    Likes Received:
    0
    Joined:
    Mar 29, 2005
    Location:
    Peoples Republic of Illinois
    Malwarebytes will get rid of that. As far as getting to where you can install/run it... Well, I've basically had to fight with the OS over and over getting to the task manager, then killing unrecognized processes until it all stops. Install, update, then run a full scan with Malwarebytes. Good Luck.
     

  3. moeman

    moeman

    Messages:
    17,266
    Likes Received:
    20,502
    Joined:
    Feb 15, 2004
    Location:
    So CA
    If you can still get into the restore points programs> system tools > restore points (pick a date a day before this went down). Then you are OK. If you can't:

    If you can still access the internet then Malewarebytes and Spyware Doctor can be downloaded free (trial) from Download.com by cnet. You can download also them onto another computer and burn a disk.

    Be careful any flash drive you plug in can be infected too!

    If it's blocking your task manager, and restore points and such you will have to research which virus you have and go into the task manager via the run command

    run > taskmgr


    SEE HERE! :
    http://www.bleepingcomputer.com/virus-removal/remove-antivirus-live

    if you can find the culprit then you can shut it off

    worst case you have to get into the registry and delete the the *.exe file that you are SURE is attached to the bug.
     
    Last edited: Jan 18, 2010
  4. Critias

    Critias Freelancer CLM

    Messages:
    9,789
    Likes Received:
    5
    Joined:
    Mar 31, 2005
    Location:
    Garland, TX
    +1 for Malwarebytes Anti-Malware (the base model, a free download, should do the trick). It's cleaned my PC up every time I've needed it to.
     
  5. moeman

    moeman

    Messages:
    17,266
    Likes Received:
    20,502
    Joined:
    Feb 15, 2004
    Location:
    So CA
    The new versions of the virus block off MAM, task mgr, restore points...

    One needs to get into the registry...Nasty!

    BTW: I like MAM a lot too...
     
  6. Critias

    Critias Freelancer CLM

    Messages:
    9,789
    Likes Received:
    5
    Joined:
    Mar 31, 2005
    Location:
    Garland, TX
    When I ran into a nasty just a few weeks back, I was able to run MAM by using a MAM-downloaded trick (that just changes the name of the .exe file for MAM, bypassing the virus' blockage attempts).

    But I've had to wade into the registry a few times, myself.
     
  7. Atomic Punk

    Atomic Punk

    Messages:
    3,762
    Likes Received:
    978
    Joined:
    Mar 11, 2008
    i just picked up somethign yesterday with the same effects. i managed to get rid of most of it, but IE keep opening up trying to access random and i woudl presume infected sites.
    the main problem i am havign right now is IE and every other program i have will not or can not connect to the internet. firefox still connects just fine though.
     
  8. Glock20 10mm

    Glock20 10mm Use Linux!

    Messages:
    15,629
    Likes Received:
    1,519
    Joined:
    Dec 26, 2005
    Location:
    Land of Idiots and Libtards
    What version of Winders you running?
     
  9. Critias

    Critias Freelancer CLM

    Messages:
    9,789
    Likes Received:
    5
    Joined:
    Mar 31, 2005
    Location:
    Garland, TX
    Had any luck narrowing it down to what program name/spyware/malware/whatever is doing it? With a few google searches, you can root out an awful lot of good advice, nowadays.

    Good luck taking care of it!
     
  10. douggmc

    douggmc

    Messages:
    1,871
    Likes Received:
    40
    Joined:
    Feb 23, 2007
    Location:
    Orlando, FL
    I'm going to give the always obligatory ... "Get a Mac" and be done with it post for threads like these.

    ... but you know what. It's true.

    http://www.apple.com/macmini/
     
  11. Bloodbought1

    Bloodbought1

    Messages:
    40
    Likes Received:
    0
    Joined:
    Jan 10, 2010
    You can boot the PC in safe mode and run Malwarebytes program also.
     
  12. harlenm

    harlenm Millennium Member

    Messages:
    9,847
    Likes Received:
    913
    Joined:
    Jul 20, 1999
    Location:
    CT
    one of our work computers got hit the other day, only thing I was able to do was restore windows to it's original state, losing all the data on the computer.
     
  13. BAILIFF

    BAILIFF Piece Officer

    Messages:
    5,578
    Likes Received:
    14
    Joined:
    Oct 14, 2006
    Location:
    I'm over here now.
    This...oh, just in case...http://www.pchell.com/support/safemode.shtml

    Also, search "AntiVirus Live". There are a few sites with removal instructions..
     
    Last edited: Jan 18, 2010
  14. Larry_K

    Larry_K

    Messages:
    160
    Likes Received:
    0
    Joined:
    Sep 9, 2002
    Location:
    TN
    Give this procedure a try: Bleeping Computer - remove Antivirus Live

    The Bleeping Computer website is a VERY good resource when it comes to helping find ways to kill malware. I read quickly through the page I linked above and it sounds like it will likely get your machine cleaned up. The only extra step I'd do above their fix is to reboot afterwards, try the update again for MalwareBytes to make sure it still says you have the latest version, then run one more full scan.

    After MalwareBytes comes back saying you're completely clean I usually go straight to Google and do a few searches to make sure I'm not getting any unusual behavior. Do a search for MalwareBytes and click on the link that goes to www.malwarebytes.org, if you still have an infection/hijack situation it will likely show up now and will redirect you to a bogus page.

    Larry
     
  15. Atomic Punk

    Atomic Punk

    Messages:
    3,762
    Likes Received:
    978
    Joined:
    Mar 11, 2008
    im running win2000 on that machine. dont know quite what it was. ad aware and avast got rid of a couple trojans, i dont recall the name.
    i came homw and the computer had been trying to run an anti virus program i havd not installed and google updater. i stopped all that and ran avast, got rid of a trojan. this morning it tried to run yet another unknown anti virus. it would not let me get into task manager, it kept cancelling it every time it opened. i shut the computer down and ran it in safe mode. deleted some program i did not install and took google updater off the system startup proccess. the anti virus thing has not popped uo since but only firefox can get online now. which is some bonus so whatever is in the machine cant download anythign else now it seems.

    i have not turned the computer back on since then. but im going to download some of the programs suggested in this thread and see what i get.


    and for whatever reason last night and still today spybot will not run. no errors or anythign just wont start. i have re-installed it a few times with no change.
     
  16. Mr981

    Mr981

    Messages:
    2,576
    Likes Received:
    688
    Joined:
    Dec 27, 2000
    Location:
    N. Central OH

    that fixed it; the 4 objects were near the end of the scan--heuristics(?) fake alert--man what a PITA.
     
  17. soulless

    soulless

    Messages:
    945
    Likes Received:
    0
    Joined:
    Aug 16, 2008
    also search for 'spybot-search and destroy'. Freeware program and it's good
     
  18. IndyGunFreak

    IndyGunFreak

    Messages:
    26,899
    Likes Received:
    2,275
    Joined:
    Jan 26, 2001
    Location:
    Indiana
    Probably the version that is safer, and less prone to viruses and spyware(when it first came out..)

    :)
     
  19. IndyGunFreak

    IndyGunFreak

    Messages:
    26,899
    Likes Received:
    2,275
    Joined:
    Jan 26, 2001
    Location:
    Indiana
    For future reference, in case this time didn't teach you, if you suspect(or in this case, know) you are infected, you should always scan from safe mode.
     
  20. Critias

    Critias Freelancer CLM

    Messages:
    9,789
    Likes Received:
    5
    Joined:
    Mar 31, 2005
    Location:
    Garland, TX
    Not out to kick you while you're down, but it's not a bad idea to scribble the names of these things down, for future reference. You can never be SURE they're getting rid of the trojans or not (that's kind of how they work), and knowing exactly what you're dealing with makes it possible to go into the registry and get rid of it yourself, double check that the antivirus is doing the job it's supposed to be, etc, etc.

    The jackasses that design these things nowadays do so with antivirus and malware programs in mind -- knowing how to handle the problem yourself is never a bad idea.