I need your help with a virus

[Abe Sargent]

I downloaded a program today from Steam, and afterwards, my PC started acting funny. It had screens pop up and tell me to download Anti Virus Vista 2012. I knew that was likely those nasty spyware/virus things that try to get you to do something. I brought up Firefox to get more info, and every window and tab said the same thing. I brought up Windows Task Manager and found a file name I didn't recognize, traced to a file folder with local file,s closed it, and deleted it. Then I brought up Firefox, and everything looked good.

I tried to open another program and it wouldn't open. Instead, it brings up the "Open With" Choose Which program to Open this File with window. WTF? I run Symantic, which I get for free from Wayne State, and it found some minor things, and I hoped that was the end. It wasn't, and I used Run As Administrator to open stuff, still unable to open things normally (this includes buttons on the lower toolbar at the bottom of Windows).

I managed t d/l and reinstall the latest Firefox, just in case it lingered there. I ran on outdated AdAware. No dice. This isn't the first time that Symantic has blown saving my PC from stuff and not able to find it, even updated automatically. I decided to bite the bullet and purchase McAfee. I downloaded the file, and tried to open it with Administrator.

My Task manager accepts that the install opens, and then it closes again just a few seconds later. I tried rebooted my PC, and some things would open with Administrator ,and others wouldn't (such as a new version of AdAware, my recently purchased McAfee )

Something weird is on my system. Reboots, nothing spicy in my Task Manager, Symantic missed, an outdated AdAware missed.

My Google-Fu is unable to find a solution or even what the problem is. Why can't I open a quick little install file after trying to d/l it three times? What is interfering with my PC by forcing me to deal with these Open With windows?

If you have experienced this, or have technical knowledge is this area, it would be greatly appreciated. I;ve bee working on it for an hour now to no solution.

[SirFozzie]

Get Spybot Search and Destroy

[Abe Sargent]

Oh, it looks like I also d/l'd a song from iTunes today That's all I've d/led for most of a week.

[mckerney]

I've always had luck using ComboFix when I've had a virus I couldn't take care of through conventional means.

[Abe Sargent]

Alright, I'm trying spybot search hand destroy right now.

[Abe Sargent]

I found five things, and one included whatever i was that was mucking about my system. Now McAfee is installed and running ,and it's finding new things too. It's like no one program finds everything. It's wierd.

[bhlloy]

Quote:

Originally Posted by Abe Sargent

I found five things, and one included whatever i was that was mucking about my system. Now McAfee is installed and running ,and it's finding new things too. It's like no one program finds everything. It's wierd.

This has always been my experience whenever I've had something nasty. Whether it's different software's specializing in different things or whether it's the virus creators specifically blocking certain features of certain AV softwares I have no idea, but usually a safe mode boot, a run through of Spybot, Ad-Aware and AVG/Trend Micro followed by the same course again for good measure will kill anything and everything.

[MizzouRah]

Run this one first:

http://www.malwarebytes.org

Run it until all is clean, then run this one:

http://www.superantispyware.com

[albionmoonlight]

let me second combofix for something we used when nothing else would work. big fan of malwarebytes too.

[Kodos]

Quote:

Originally Posted by MizzouRah

Run this one first:

Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Run it until all is clean, then run this one:

http://www.superantispyware.com

Those are my two weapons of choice.

[PilotMan]

Quote:

Originally Posted by Kodos

Those are my two weapons of choice.

+2

[Sweed]

Quote:

Originally Posted by MizzouRah

Run this one first:

http://www.malwarebytes.org

Run it until all is clean, then run this one:

http://www.superantispyware.com

MR, do you use the free versions?

[SteveMax58]

I would 3rd the malwarebytes suggestion.

I had a nasty virus on my wife's laptop that even appeared in safe mode. I tried literally 5 different (free) anti-virus apps and malwarebytes got rid of the dam thing.

[Marc Vaughan]

MalwareBytes is pretty bullet proof imho, whenever family or friends screw up their machines I generally find that does the trick.

[BYU 14]

Malwarebytes is good and I would also throw in a recommendation for AVG2011 as a permanent virus protection. They have a free version that has done a better job than anything I have ever paid for.

[tucking fypo]

I had something similar to this on my computer about two months ago. All I was thinking was I wanted to do with the person that came up with this. Finally got rid of the thing with a combination of MalwareBytes, Microsoft Security Essentials, and Glary Utilities.

[DaddyTorgo]

I'm surprised it was in a Steam game though. I find that tough to believe (not saying I don't believe you though). You might think about shooting them off an email and letting them know...

[Alan T]

Quote:

Originally Posted by DaddyTorgo

I'm surprised it was in a Steam game though. I find that tough to believe (not saying I don't believe you though). You might think about shooting them off an email and letting them know...

I'm not going to say that it definitely was or wasn't Steam, but this is the exact type of symptoms from a very very very common iframe attack from simple web browsing. Many web sites (including various commonplace or trusted sites) get infected at times and most people's systems are vulnerable because they don't block scripts, don't block iframes and don't keep their system updated on security patches.

Abe said he used firefox above, so I would recommend using the addon called "NoScript" and then when installing it, make sure to go into settings and disable iframes. I also always recommend people keeping systems patched for security issues regularly. Usually vulnerabilities are exploited within the day of being announced (and sometimes even before).

[MizzouRah]

Quote:

Originally Posted by Sweed

MR, do you use the free versions?

Yes sir.

I always use AVG for virus protection and then run superantispyware once a week before backing up my pc to external HD.

I keep malwarebytes updated, but only run it if something like Abe ran into happens.

[hoopsguy]

I agree with the tools that people are recommending, but if I'm trying to exterminate a virus then I would ideally like to have instructions that are specific to the one plaguing me.

Remove Win 7 Antispyware 2012 and Vista Antivirus 2012 name changing rogue (Uninstall Guide)

I would try following the instructions listed here, and their "weapon of choice" is the aforementioned Malwarebytes program.

In the event that you don't trust the site I've referenced, I'm guessing there would be similar instructions provided by Symantec, McAfee, or other AV vendors as well.

Bottom line - I think Malwarebytes is a terrific program, but I prefer using it in tandem with virus-specific instructions rather than just hoping it (or some pairing of programs) are good enough to root this stuff out without knowing what exactly they are seeking.

[hoopsguy]

Also, if you need to download software don't do it from the infected computer - I'm sure this is "duh" advice for many here, but I see people do this all the time. And they can't understand why the AV software won't download properly. Use another computer, copy any required software to a USB drive, and come back to your infected system well armed to fix the problem.

[dacman]

Malware Bytes + system restore to a point before the infection has been the tried and true method in my office, and we get 1-2 of these a month.

[Sweed]

Quote:

Originally Posted by MizzouRah

Yes sir.

I always use AVG for virus protection and then run superantispyware once a week before backing up my pc to external HD.

I keep malwarebytes updated, but only run it if something like Abe ran into happens.

Thanks.

[Mizzou B-ball fan]

I always install WinPatrol on my computers. If anything tries to install or adjust the registry, it lets me know. I haven't had a virus since I started using it, though I have averted many attacks.

[Sweed]

Quote:

Originally Posted by Mizzou B-ball fan

I always install WinPatrol on my computers. If anything tries to install or adjust the registry, it lets me know. I haven't had a virus since I started using it, though I have averted many attacks.

I've had this on my machines for years and really like it.

[Abe Sargent]

Luckily, with McAffee, The Spybot sweep and kill, Symantic and AdAwre we are rocking and clean.

[Grammaticus]

If you are still having problems, these guys at safer networking forums will get you fixed up:

Malware Removal - Safer-Networking Forums