Hit with the infamous "red dot white x virus"
This has to be the smartest, most annoying virus ever. Last week I downloaded the virus, probably from a p2p program that was running. I got rid of the virus and my computer was running normal except that it took forever to boot but that isn't a big problem. This past weekend the same virus infected my dad's laptop and shitted on it. He gave me a flash drive to put some anti virus software on it and I did but when I got back to my computer the virus was infecting it. Apparently the virus jumped onto my father's flash drive when he put it into the laptop. Is that even possible? I've tried everything I can think of to delete this bastard, from running in Safe Mode and going into regedit to installing tons of different antivirus/spyware removers. It disabled Nortons Symantec (while real-time protection was on apparently), Avast, Super antispyware, *malwarebytes*, Spyhunter, Windows Defender, Spybot: search and destroy and AVG; but, that's not all! It also disabled ANY and EVERY .exe file on my computer from being run even while in Safe Mode telling me "This application has failed to start because the application configuration is incorrect. Reinstalling the application may fix this problem." Also, the goddamn thing took away my administrative rights so that limits me even more. In my tray I have a red dot with a white x ("Advanced Virus Remover") and a white shield with a blue stripe ("Windows AntiVirus Pro"). And periodically an orange triangle with a white "!" in it. The "Advanced Virus Remover" is disabled (I think) and doesn't run anymore because I deleted the registry entry; however, it still appears in my tray and on my desktop and changes my background. Almost as soon as I disabled the "Advanced Virus Remover", the new "Windows AntiVirus Pro" appears and causes even more damage. Aside from reformatting, is there anything else I can do?
[QUOTE=D.a.K.;16802887]This has to be the smartest, most annoying virus ever. Last week I downloaded the virus, probably from a p2p program that was running. [b]Like limewire?[/b] I got rid of the virus and my computer was running normal except that it took forever to boot but that isn't a big problem. [b]it is a big problem[/b] This past weekend the same virus infected my dad's laptop and shitted on it. He gave me a flash drive to put some anti virus software on it and I did but when I got back to my computer the virus was infecting it. Apparently the virus jumped onto my father's flash drive when he put it into the laptop. Is that even possible? [b]that's the first thing it would do.[/b] I've tried everything I can think of to delete this bastard, from running in Safe Mode and going into regedit to installing tons of different antivirus/spyware removers. It disabled Nortons Symantec (while real-time protection was on apparently) [b]because norton is shitty. don't use it[/b], Avast, Super antispyware, *malwarebytes*, Spyhunter, Windows Defender, Spybot: search and destroy and AVG; but, that's not all! It also disabled ANY and EVERY .exe file on my computer from being run even while in Safe Mode telling me "This application has failed to start because the application configuration is incorrect. Reinstalling the application may fix this problem." Also, the goddamn thing took away my administrative rights so that limits me even more. [b]sounds a lot like a rootkit[/b] In my tray I have a red dot with a white x ("Advanced Virus Remover") and a white shield with a blue stripe ("Windows AntiVirus Pro"). And periodically an orange triangle with a white "!" in it. The "Advanced Virus Remover" is disabled (I think) and doesn't run anymore because I deleted the registry entry; however, it still appears in my tray and on my desktop and changes my background. Almost as soon as I disabled the "Advanced Virus Remover", the new "Windows AntiVirus Pro" appears and causes even more damage. Aside from reformatting, is there anything else I can do?[/QUOTE] well it's probably a rootkit, so even if you do recover, your computer will basically be screwed. i suggest a reformat, and (not saying you do) but don't use norton/mcafee or internet explorer.
[QUOTE=BananasGoMoo;16803097]well its probably a rootkit, so even if you do recover, your computer will basically be screwed. i suggest a reformat, and (not saying you do) but don't use norton/mcafee or internet explorer.[/QUOTE] I would reformat but the computer I'm using is from my dads office and the OS was installed there, by the company so we don't have the Windows XP disc. I don't even bother with McAfee or IE and Norton's is disabled so I don't have to worry about that >.<
[QUOTE=D.a.K.;16803240]I would reformat but the computer I'm using is from my dads office and the OS was installed there, by the company so we don't have the Windows XP disc. I don't even bother with McAfee or IE and Norton's is disabled so I don't have to worry about that >.<[/QUOTE] when you say Norton's disabled, you mean uninstalled right? because it doesnt disable, even if you tell it not to run at startup. anyways, basically the option is format, or get a rootkit remover and run in safe mode, then have a screwed up OS afterwards. BTW, you probably won't get admin rights back.
As far as I know it's not uninstalled. I still see it in my program files and the start menu. It just doesn't work. I have no clue what it's doing. What does a rootkit remover do? How would the OS be screwed up? I already know I'm not getting admin rights back. This virus is too smart.
[QUOTE=D.a.K.;16806352]As far as I know it's not uninstalled. I still see it in my program files and the start menu. It just doesn't work. I have no clue what it's doing. What does a rootkit remover do? How would the OS be screwed up? I already know I'm not getting admin rights back. This virus is too smart.[/QUOTE] basically rootkits mess with the most important stuff on your computer (admin rights, logging in, etc) and since it's pretty hard to recover from a normal virus 100%, a rootkit's even worse. [url]http://en.wikipedia.org/wiki/Rootkit[/url] and a rootkit remover is like a malware remover. it removes certain malwares/rootkits and i suggest you uninstall norton & it would be good if the others had caught it.
What's wrong with Norton? Everyone thinks Norton is so bad, when it works awesome. Format, if it is a rootkit. I can get rid of every virus I've had, but I can't get rid of rootkits.
[QUOTE=_Underlined_;16808909]What's wrong with Norton? Everyone thinks Norton is so bad, when it works awesome. Format, if it is a rootkit. I can get rid of every virus I've had, but I can't get rid of rootkits.[/QUOTE] A while ago I was running Avast and Norton at the same time to compare them. I went to download a GTA map editor and Avast picked up a virus in the download and stopped it. Norton, however, did nothing. Keep in mind that Avast is free.
[QUOTE=_Underlined_;16808909]What's wrong with Norton? Everyone thinks Norton is so bad, when it works awesome. Format, if it is a rootkit. I can get rid of every virus I've had, but I can't get rid of rootkits.[/QUOTE] From what I have seen it has fairly low detection rates for viruses and from a dumbass friend's experience it can't remove viruses well and it didn't seem to detect them when you run the program like most anti viruses ( he had over 300 viruses detected and he didn't even know about it until he did a full scan )
[QUOTE=D.a.K.;16802887]He gave me a flash drive to put some anti virus software on it and I did but when I got back to my computer the virus was infecting it. Apparently the virus jumped onto my father's flash drive when he put it into the laptop. Is that even possible?[/QUOTE]
Actually, you'd be amazed how easy it is to do that. Any worm worth its salt will infect anything it can get write access to - local hard drives, floppies, shared folders with write permissions, thumb drives...
[QUOTE=D.a.K.;16802887]It disabled Nortons Symantec (while real-time protection was on apparently), Avast, Super antispyware, *malwarebytes*, Spyhunter, Windows Defender, Spybot: search and destroy and AVG; but, that's not all![/QUOTE]
In my humble opinion, Spybot is the best thing in that list. Norton has been known for years to be worthless, and I've had bad experiences with Avast (and AVG, too). You can't count on Windows Firewall or Defender protecting you, since all malicious code is built to bypass it (since everyone has it). My personal recommendation for virus scanner is either ESET NOD32 (amazingly fucking fast and very effective), or Sophos Antivirus (I've seen it kill rootkits with my own eyes, and Google trusts it). Unfortunately, neither of those is anywhere near free.
[QUOTE=D.a.K.;16802887]Also, the goddamn thing took away my administrative rights so that limits me even more. [/QUOTE]
I'm sorry to tell you, but that was your fault. It's okay, 95% of people don't know to utilize the three tricks I'm going to tell you right now:
1) Rename the default Administrator account and make sure to give it a [url]strong password[/url]. This simple step will stop a massive number of malicious programs dead in their tracks.
2) Don't always use an account with Admin access, especially when downloading/running untrusted software - use a limited User account! This step is SO GODDAMNED SIMPLE, but nobody ever listens. Think about it: Even if the malicious code managed to take complete control of the account, it still couldn't affect your whole system!
3) Whenever you suspect an infection, IMMEDIATELY disconnect your computer from any and all networks. Not only will this protect others around you, it'll stop the little bugger from downloading its friends - which the vast majority of them will try to do.
[QUOTE=D.a.K.;16802887]Aside from reformatting, is there anything else I can do?[/QUOTE]
Without expert knowledge and some powerful tools (I'm talking Hirens, ERDC...)? Probably not too much. Sorry.
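The first two tips in the post above can be checked on a machine with a short audit. This is an added example, not part of the thread; the function name Test-AccountHygiene is hypothetical, and it assumes PowerShell 3.0 or later on an English-language Windows install (the default account name differs on localized systems).

```powershell
# Added example (not from the thread): audit a machine against tips 1 and 2.
# Assumptions: PowerShell 3.0+ (Get-CimInstance), English-language Windows.
# Test-AccountHygiene is a hypothetical name chosen for this illustration.

function Test-AccountHygiene {
    $findings = @()

    # Tip 1: the built-in Administrator always has a SID ending in -500,
    # whatever it has been renamed to, so look it up by SID and not by name.
    $builtin = Get-CimInstance Win32_UserAccount -Filter "LocalAccount=True" |
        Where-Object { $_.SID -like 'S-1-5-21-*-500' }
    foreach ($acct in $builtin) {
        if ($acct.Name -eq 'Administrator') {
            $findings += "Built-in admin account still has its default name."
        }
        if (-not $acct.Disabled -and -not $acct.PasswordRequired) {
            $findings += "Built-in admin account '$($acct.Name)' does not require a password."
        }
    }

    # Tip 2: is this session running with administrative rights?
    # With UAC enabled, a non-elevated session of an admin user reports false.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $adminRole = [Security.Principal.WindowsBuiltInRole]::Administrator
    if ($principal.IsInRole($adminRole)) {
        $findings += "Session for $($identity.Name) has admin rights; use a limited account for daily work."
    }

    if ($findings.Count -eq 0) {
        $findings += "No findings for tips 1 and 2."
    }
    return $findings
}

Test-AccountHygiene | ForEach-Object { Write-Output "[audit] $_" }
```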
rootkit. Reformatting is a must if you want to gain complete control. The only problem with rootkits is that they can edit major system files to where they fuck up everything.
I'm not 100% on that, myself. I mean, you could do all that if your bug was smart with the registry. But there's a good chance, yea. Either way, a reformat would be the best option. Oh, and for the love of the Internet, don't go backup your files now - you'll just reinfect yourself when restoring them.
First of all I want to thank everyone who posted for all the help, I really appreciate it. [QUOTE=Taehl;16810455]I'm sorry to tell you, but that was your fault. It's okay, 95% of people don't know to utilize the three tricks I'm going to tell you right now: 1) Rename the default Administrator account and make sure to give it a strong password. This simple step will stop a massive number of malicious programs dead in their tracks. 2) Don't always use an account with Admin access, especially when downloading/running untrusted software - use a limited User account! This step is SO GODDAMNED SIMPLE, but nobody ever listens. Think about it: Even if the malicious code managed to take complete control of the account, it still couldn't affect your whole system! 3) Whenever you suspect an infection, IMMEDIATELY disconnect your computer from any and all networks. Not only will this protect others around you, it'll stop the little bugger from downloading its friends - which the vast majority of them will try to do.[/QUOTE] Thank you VERY much for these tips, I'll be sure to remember them. As a matter of fact, last night I disabled my internet connection and as soon as I did that the pop ups stopped showing up and the silly little tray icons seemed to be dead. Also, disconnecting allowed me to install and run Spybot! As I type this it's scanning a lot of weird files ("MSINFO.DL_" , "IPH.PH" , "ICONIC.WM_") but it did manage to catch a "Win32.Agent.sfg", but that's all it found so far.
[QUOTE=Taehl;16810455] In my humble opinion, Spybot is the best thing in that list. Norton has been known for years to be worthless, and I've had bad experiences with Avast (and AVG, too). [/QUOTE] The funny part is that avast! and Spybot are designed for entirely different things.
[QUOTE=waxrock;16816864]The funny part is that avast! and Spybot are designed for entirely different things.[/QUOTE] If I'm not mistaken, doesn't avast! detect some spyware?
[QUOTE=mgear;16817023]If I'm not mistaken, doesn't avast! detect some spyware?[/QUOTE] a little, but spybot was made for spyware. EDIT: 2000th post.
[QUOTE=BananasGoMoo;16823543]a little, but spybot was made for spyware. EDIT: 2000th post.[/QUOTE] Congrats on 2000th, mines coming up.
I'll plan a party for you would you like one clown or two
[QUOTE=reapaninja;16825442]I'll plan a party for you would you like one clown or two[/QUOTE] :rock:
not you, you're on 2004, you're old news