Black Zarak
Title: Big Coffin Hunter
Joined: Feb 01 2006
Location: Phyrexia
Posts: 4098
|
So I don't know what caused it, but I've got something wrong with my computer. When I try to open things on the desktop, it asks me what program I want to open it with instead of just opening it and the default option is Firefox, I have to browse for the actual program. And I've got some Firefox windows opening on their own as spam ads. And when I ran Malware, it finished the scan immediately and said there were no issues. And finally, I did just download a Windows update which for some reason tends to wreck my computer more than it ever helps...
Any thoughts?
System restore didn't help and I can't run Malware in safe mode for some reason.
|

REVIEWS, LEGOS, NONSENSE Check out Zarak's Barracks!
"Let that be a lesson to you, your family and everyone you've ever known..."
"Thanks to denial, I'm immortal!" |
|
username
Title: owner of a lonely heart
Joined: Jul 06 2007
Location: phoenix, az usa
Posts: 16127
|
what OS are you using?
what kind of programs are you opening up?
um, i don't know what else to ask for, just trying to look smart.
|

Klimbatize wrote: |
I'll eat a turkey sandwich while blowing my load |
|
Black Zarak
Title: Big Coffin Hunter
Joined: Feb 01 2006
Location: Phyrexia
Posts: 4098
|
Windows Vista and just Firefox at the moment of things turning to crap. Oh and my touch scrolling is apparently off too.
|
Hacker
Banned
Joined: Sep 13 2008
Posts: 3129
|
So you tried the safe mode stuff like we told you in the IRC... and system restore isn't working?
... Well I have one thing we could try... It's called Combofix. It's a powerful tool, but it's kind of last resort and it IS NOT a tool for someone with minimal computer experience... and I'm sure GP can handle this better with his level of experience.
(if you get stupid and decide to try it, the only safe place to download Combofix is from bleepingcomputer)
EDIT: This program will clean most infected machines. But it's not very tolerant towards anything that has more privileges than it should. Things like iTunes will get fucked up and fixing the computer to get it running normally after you get rid of the virus usually involves a couple runs with things like Disk Cleanup, Chkdsk, PCDecrapifier (sometimes), and even some manual removal of stuff. It really requires a moderate to expert level of knowledge to use this properly
|
Mr. Satire
Joined: Jun 08 2010
Location: Termina Field
Posts: 1541
|
Also, before using combofix, I would suggest using rkill, also found at bleepingcomputer. It attempts to terminate known malware processes. Run that, then do a full malwarebytes scan.
|

Signature by Hacker (RIP) |
|
Lottel
Title: of the Eternal BWOG
Joined: Sep 02 2008
Posts: 1123
|
Try Microsoft Security Essentials. It's free, from Microsoft, and actually works really well.
I just had to redownload on my parents machine because, well, they are my parents and that means they are more accustomed to smoke signals.
|
GPFontaine
Joined: Dec 06 2007
Location: Connecticut
Posts: 11244
|
Hacker, you are going too aggressive and dangerous right off the bat with combofix.
1. Uninstall your current antivirus software
2. Download the following:
http://ninite.com/essentials-firefox-flash-java-malwarebytes-reader-shockwave-super/
Includes:
* Security Essentials - Antivirus
* Firefox 4.0
* Updated Flash for Firefox/Chrome
* Java with updates
* Malwarebytes
* Updated Adobe Reader
* Updated Shockwave
* Super Anti Spyware
3. Run Malwarebytes
4. Run Super Anti Spyware
If you continue to have trouble let me know, there is much more we can do, but I'd like to know what does and does not work at this point. Also, use IE or download Chrome until you resolve your Firefox issues.
|
Black Zarak
Title: Big Coffin Hunter
Joined: Feb 01 2006
Location: Phyrexia
Posts: 4098
|
I can't install that, says a certificate chain could not be trusted to build a root authority?
I think Vista Security 2011 is part of my problem because it keeps auto running it, telling me I'm vulnerable and have a million threats, but then won't let me clean it without buying it and won't let me quit the fucking thing.
|
GPFontaine
Joined: Dec 06 2007
Location: Connecticut
Posts: 11244
|
What the hell is Vista Security 2011? Did you install it? Sounds suspect.
|
Black Zarak
Title: Big Coffin Hunter
Joined: Feb 01 2006
Location: Phyrexia
Posts: 4098
|
I'm pretty sure it's the virus, I can't close it or find it. And I think it snuck in when I was finishing the Windows update and I just clicked ok when I was trying to get through all those menus without realizing it wasn't legit.
|
GPFontaine
Joined: Dec 06 2007
Location: Connecticut
Posts: 11244
|
Try downloading superantispyware and malwarebytes on another computer and then running them in safe mode on your machine.
|
Mr. Satire
Joined: Jun 08 2010
Location: Termina Field
Posts: 1541
|
Black Zarak wrote: |
I can't install that, says a certificate chain could not be trusted to build a root authority?
I think Vista Security 2011 is part of my problem because it keeps auto running it, telling me I'm vulnerable and have a million threats, but then won't let me clean it without buying it and won't let me quit the fucking thing. |
Yup, Vista Security 2011 is definitely a fake antivirus. Like I said before, use rkill (download), and then do a full malwarebytes scan.
|
Black Zarak
Title: Big Coffin Hunter
Joined: Feb 01 2006
Location: Phyrexia
Posts: 4098
|
Well, Rkill got rid of it asking me what program to use to open things but now I have to reinstall Malware because I deleted it when everyone was like "Delete your anti virus stuff before trying this." to be safe.
Alright, new version installed, scanning and DIDN'T finish the scan in three seconds so I think we're making progress...
|
username
Title: owner of a lonely heart
Joined: Jul 06 2007
Location: phoenix, az usa
Posts: 16127
|
did you try this:
FNJ wrote: |
You gotta toggle the galvatron reaction core, then after that you must go into the dik.4 files and transverse the alternator by changing the settings on the ultimate nullifier.
after you do that go into the googlebot folder, turn on buffer underrun protection (to stop a baroque cancel) and get the alpha countering settings. open that in notepad, scroll down about three fourths of the way, and look for a part that says something about a K.I.L.R.O.Y. protocol. You might have to double check this in double zeta settings. see if that's set to RX-78 or not, and copy paste that here. After that I'll tell you what you should do to get it working.
Also, make sure your speakers are set to "stereo". |
|
@om*d
Title: Dorakyura
Joined: Jul 10 2010
Location: Castlevania
Posts: 4226
|
If all else fails, take it out back and shoot it. In the face.
|
Black Zarak
Title: Big Coffin Hunter
Joined: Feb 01 2006
Location: Phyrexia
Posts: 4098
|
Pff, who still uses a galvatron reaction core in this day and age?
|
username
Title: owner of a lonely heart
Joined: Jul 06 2007
Location: phoenix, az usa
Posts: 16127
|
pfft, who uses vista?
|
Black Zarak
Title: Big Coffin Hunter
Joined: Feb 01 2006
Location: Phyrexia
Posts: 4098
|
It came with the computer! And I'm lazy and ignorant of how I would get a better OS without paying an ass ton for one!
|
Syd Lexia
Site Admin
Title: Pop Culture Junkie
Joined: Jul 30 2005
Location: Wakefield, MA
Posts: 24882
|
Yeah, normal fucking people don't buy fucking operating systems. Your fucking computer comes with a fucking operating system, and that's the fucking end of it. Only weirdo fucking techies voluntarily upgrade their operating systems.
|
Black Zarak
Title: Big Coffin Hunter
Joined: Feb 01 2006
Location: Phyrexia
Posts: 4098
|
Ok new (and horrible!) issue: mid-way through the Malware scan, my computer crashes and restarts itself. It has done this in normal and Safe modes now and the first time I got a blue screen of death error that flashed by before I could read it, second time, in safe mode, it just turned itself off and restarted without giving me anything.
But on the plus side, programs don't ask me what I want to open them with, Vista Security 2011 isn't running and telling me I'm super duper at risk every two seconds and touch mouse scrolling is back on. I'm going to declare a tentative success against the virus, but maybe a long term failure in the war against technology.
|
aika
Title: Narcissist
Joined: Apr 25 2008
Location: On the table.
Posts: 2041
|
I should've asked you guys how to fix the virus I got last year. Or was it the year before? Anyway, in the end the only way I could get rid of it was to wipe the hard drive and start all over. :\
Here's what it did: it apparently corrupted every single program I had on my computer, from web browser to AIM to freakin Notepad. Whenever I tried to launch something it gave me an error saying the program was corrupted. I couldn't launch any anti-virus programs to get rid of it, I couldn't open a web browser to get a new anti-virus program, and I couldn't even run system restore. Booting up in safe mode made no difference.
What would your guys' suggestions have been if I had asked back then? :3
|
 天上天下唯我独尊 |
|
Black Zarak
Title: Big Coffin Hunter
Joined: Feb 01 2006
Location: Phyrexia
Posts: 4098
|
Fire. And lots of it!
|
Syd Lexia
Site Admin
Title: Pop Culture Junkie
Joined: Jul 30 2005
Location: Wakefield, MA
Posts: 24882
|
I got this virus before, about 1-2 years ago, I fixed it with ComboFix, after several other venues failed.
Aika, the files weren't necessarily corrupted. Viruses like that often lie to you, just like they lie to you about havin 10,000 viruses found on your system.
|
aika
Title: Narcissist
Joined: Apr 25 2008
Location: On the table.
Posts: 2041
|
I understand that, but any program I tried to run would error out without even launching, so the effect is the same.
|
Syd Lexia
Site Admin
Title: Pop Culture Junkie
Joined: Jul 30 2005
Location: Wakefield, MA
Posts: 24882
|
Could you CTRL-ALT-DEL to bring up Task Manager? IIRC, that's what I did. And then I was able to stop the fake security program just long enough to run a Malwarebytes and HijackThis which removed most of the nastier elements of the virus. Then I ran ComboFix to clear up a few lingering performance issues. My understanding though is that some newer, nastier versions of the virus prevent you from even running Task Manager, by changing your admin settings.
Of course, that's another workaround. If your computer has multiple user accounts, often times you can run stuff on user accounts other than the one that was initially infected. For example, the default admin account.
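Added example, not part of any post in this thread: a small Python audit of a text registry export for the two symptoms described above, programs prompting for what to open them with and Task Manager being blocked. It assumes the "open with" prompt comes from a changed `.exe` file association and that the Task Manager block is the `DisableTaskMgr` policy value; the sample export, the `xyz.exe` path and the `secfile` handler name are constructed, and the export text is assumed to be already decoded to a Python string.

```python
import re

# Clean-system defaults for how Windows launches .exe files.
EXPECTED = {
    (r"hkey_classes_root\.exe", "@"): "exefile",
    (r"hkey_classes_root\exefile\shell\open\command", "@"): '"%1" %*',
}
POLICY_KEY = r"hkey_current_user\software\microsoft\windows\currentversion\policies\system"
USER_CLASSES = "hkey_current_user\\software\\classes\\"

def parse_reg(text):
    """Parse .reg export text into {(key, value_name): value}, names lower-cased."""
    values, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
        elif key and "=" in line:
            name, _, raw = line.partition("=")
            name = name.strip('"').lower()
            if raw.startswith('"'):          # string value: undo \\ and \" escaping
                values[key, name] = re.sub(r"\\(.)", r"\1", raw[1:-1])
            elif raw.startswith("dword:"):
                values[key, name] = int(raw[6:], 16)
    return values

def audit(values):
    """Return human-readable findings for the two symptoms in the thread."""
    findings = []
    for (key, name), want in EXPECTED.items():
        got = values.get((key, name))
        if got is not None and got != want:
            findings.append(f"{key}: {got!r} (clean default is {want!r})")
    for key, name in values:
        # HKCU\Software\Classes takes precedence over the machine-wide association.
        if key.startswith(USER_CLASSES + ".exe") and name == "@":
            findings.append(f"per-user .exe override worth reviewing: {key}")
    if values.get((POLICY_KEY, "disabletaskmgr")) == 1:
        findings.append("Task Manager disabled by policy (DisableTaskMgr=1)")
    return findings

# Constructed sample export; the executable path and handler name are made up.
SAMPLE = r'''
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"C:\\Users\\user\\AppData\\Local\\xyz.exe\" -a \"%1\" %*"
[HKEY_CURRENT_USER\Software\Classes\.exe]
@="secfile"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001
'''
print("\n".join(audit(parse_reg(SAMPLE))))
```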