Got something nasty in my PC that just won't die... and now it's become truly maddening. Adaware, Malwarebytes, RegCure, and Spybot S&D are no match for it. First it hijacked my web browsers, then a folder on my HDD... forced me to log on at startup (wasn't set for that). It then would not allow me to run Malwarebytes, nor could I download a new version. Any page with reference to that program was denied. Pretty slick.
Got MWB elsewhere and installed it off a zip drive... fixed a number of problems, but success was not 100%...suddenly my sound drivers were gone, or corrupted. Fixing this got so hairy I was forced to do a repair of XP (did I mention Restore Points and Add/Remove Programs, and firewall controls were also disabled?). Didn't use Repair Console, I did it the "better" way. Well, that went OK, but I still can't use System Restore, Add/Remove Programs, the firewall,or my (onboard) audio. And when I went to re-install SP2, this trojan (?) now will not allow me to access any web page that has it available for download, even 3rd party downloads. Isn't that cute?     



I'm thinking of doing a full reinstall of XP, but not sure if it's worth it, even though Windows 7 would probably require a lot of work to play nice with my installations (I also really don't want o spend the dough on a new OS, not yet).

And I'm not sure exactly where the infection is...I've considered getting another HDD, but I'm not even sure if it's safe to try to pull anything off that HDD before removing it, sprinkling it with holy water, smashing it into 1000 pieces, then burning it and sinking what's left into the ocean. 
 
... any thoughts? 

Hagar wrote on Jan 7^th, 2010 at 3:08pm:

You can be sure I've never DLed any "helpful" pop-up thing... but I do know that some of them cannot be clicked away; if it pops up, it is getting in. It's a possibility.

Go to bleepingcomputer, maybe they can help

http://www.bleepingcomputer.com/

Since it is all volunteer they are not the fastest, but you can give them a try.

Either that or completely reformat your HD, do not restore, do not repair, completely reformat!

If you take anything off of it you need to only take known good files that you can not replace and only take files with known good files extensions like txt, doc, xls etc.

Any file that is exe do not take unless you are postive about the origin of the file and if you have any doubts do not take a copy and put it on you reformatted HD. 

Anything that you can get off the internet like Auto Thumbnail, AICarriers2, etc. leave it and just download it off the net on to your reformatted HD.

Rod

Steve M wrote on Jan 8^th, 2010 at 6:24pm:


I highly doudt it since they are not networked plus the fact as you say, if that was the case all would be infected, a virus is not just going to infect one and leave the other alone.

Rod

beaky wrote on Jan 7^th, 2010 at 3:16pm:


Rotty,

You don't have to deliberately download it (or it makes you think you are not doing that).  It is a "drive by shooting" type thing.  You'll go to a website that has it, it'll pop up a window that LOOKS like a Windows message.  It installs automatically.  And no matter where you click on the pop-up window to get rid of it.... including the red X...... it installs the garbage.   It is so slick you can easily miss the fact that you got it.

And they keep re-writing the thing as the fixes get posted on the anti virus sites and boards...so the info from a week ago might no longer work.

I feel your pain!!!!!!  Good luck.  It took me a literal 24 hours of intense work.

best,

................john