(Msg. 1) Posted: Sun Sep 07, 2008 9:30 pm
Post subject: I have a virus Archived from groups: microsoft>public>windowsxp>general (more info?)
I have a virus. My desktop is white with "Active Desktop Recovery" which
when I hit "Restore my Active Desktop" I get the message "an error occured in
the script". Plus my start menu is gone. When I hit start, the right side is
blank plus "programs" is gone. I ran Ad-Aware and AVG and this cleaned up a
lot of the pop ups but with my desktop icons gone and unable to go through
"programs", I am unable to access needed programs.
Any help in getting me back to normal will be appreciated.
I can see them on my Start menu anymore. PLus there is this Desktop pic of
"Buy Privacy Protection Service now" with the Url Link with it. When i tried
to right click my properties on my desktop it says
Im able to access My Document via a shortcut. But my C: is not accessible. I
will try to scan my comp for a 2nd time but can u guys tell me anything about
my situation ( if u ever heard of a problem like this)?
(Msg. 2) Posted: Sun Sep 07, 2008 9:40 pm
Post subject: RE: I have a virus [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
I always try to do a system restore if possible. It's the only way to get
all of it.
"Bsmith0776" wrote:
> I have a virus. My desktop is white with "Active Desktop Recovery" which
> when I hit "Restore my Active Desktop" I get the message "an error occured in
> the script". Plus my start menu is gone. When I hit start, the right side is
> blank plus "programs" is gone. I ran Ad-Aware and AVG and this cleaned up a
> lot of the pop ups but with my desktop icons gone and unable to go through
> "programs", I am unable to access needed programs.
>
> Any help in getting me back to normal will be appreciated.
>
>
>
>
> I can see them on my Start menu anymore. PLus there is this Desktop pic of
> "Buy Privacy Protection Service now" with the Url Link with it. When i tried
> to right click my properties on my desktop it says
>
>
> Im able to access My Document via a shortcut. But my C: is not accessible. I
> will try to scan my comp for a 2nd time but can u guys tell me anything about
> my situation ( if u ever heard of a problem like this)?
>
>
> --
> Bsmith0776
(Msg. 3) Posted: Sun Sep 07, 2008 10:01 pm
Post subject: RE: I have a virus [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
Chances are this isn't a virus but a fraudulent antivirus program. Probably
the "Antivirus 2008 Online Security Scanner" or a variant thereof. It uses
the active desktop to simulate virus warnings.
> I have a virus. My desktop is white with "Active Desktop Recovery" which
> when I hit "Restore my Active Desktop" I get the message "an error occured in
> the script". Plus my start menu is gone. When I hit start, the right side is
> blank plus "programs" is gone. I ran Ad-Aware and AVG and this cleaned up a
> lot of the pop ups but with my desktop icons gone and unable to go through
> "programs", I am unable to access needed programs.
>
> Any help in getting me back to normal will be appreciated.
>
>
>
>
> I can see them on my Start menu anymore. PLus there is this Desktop pic of
> "Buy Privacy Protection Service now" with the Url Link with it. When i tried
> to right click my properties on my desktop it says
>
>
> Im able to access My Document via a shortcut. But my C: is not accessible. I
> will try to scan my comp for a 2nd time but can u guys tell me anything about
> my situation ( if u ever heard of a problem like this)?
>
>
> --
> Bsmith0776
(Msg. 4) Posted: Mon Sep 08, 2008 2:15 am
Post subject: RE: I have a virus [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
"Bsmith0776" wrote:
> I have a virus. My desktop is white with "Active Desktop Recovery" which
> when I hit "Restore my Active Desktop" I get the message "an error occured in
> the script". Plus my start menu is gone. When I hit start, the right side is
> blank plus "programs" is gone. I ran Ad-Aware and AVG and this cleaned up a
> lot of the pop ups but with my desktop icons gone and unable to go through
> "programs", I am unable to access needed programs.
>
> Any help in getting me back to normal will be appreciated.
>
>
>
>
> I can see them on my Start menu anymore. PLus there is this Desktop pic of
> "Buy Privacy Protection Service now" with the Url Link with it. When i tried
> to right click my properties on my desktop it says
>
>
> Im able to access My Document via a shortcut. But my C: is not accessible. I
> will try to scan my comp for a 2nd time but can u guys tell me anything about
> my situation ( if u ever heard of a problem like this)?
>
>
> --
> Bsmith0776
I think you got SpyFalcon removal or Vundo Variants on your Machine!
Note you can Try Systenm Restore from safe Mode and then try to remove the
infection.
right-click an empty area on the desktop, point to Active Desktop, and then
click View As Web Page to clear the check mark.
Or right click the desktop and select properties >> On the display
properties click on Desktop Tab then customize Desktop Button then on Web Tab
and make sure the check box for this is unchecked:
[ ] My Cureent Home Page
And the Lock Desktop Items is unchecked too!
In the registry open a run command and type in :
regedit.exe click [OK] Locate these Keys and change the Value of the
NoActiveDesktop to (0) to disable it:
[-]HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer =
Value Name: NoActiveDesktop
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = disable restriction, 1 = enable restriction)
[-]HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer =
Value Name: NoActiveDesktop
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = disable restriction, 1 = enable restriction)
Close the Registry Editor and then perofrom these cleaning steps:
1... Click start >> Control Panel >> Double Click Network and Internet
Connections >> Double click Internet Options, on the IE Properties window
you will see these Options:
General | Security | Privacy | Content | Connections | Programs
| Advanced .
Click on General Tab (1st Tab on the left) and you will see a Button called
[ Clear History ..] click on it to clear your History caches, then click on
[Delete Files..] to delete Internet Files created over the time, click on [
Delete Cookies...] to delete your cookies left by visiting websites.
Click on Connections tab then click LAN Settings Button, there make sure
nothing checked.
= Then try to Disable the Add-Ons on your Browser somehow installed on your
browser, On how to disable the Add-ons follow this:
Click on Programs Tab and then click the Manage Add-Ons Button there Disable
the None/Not Verified Plug-ins/Add-ons ( you need to Renable them one-by-one
later and see which is the culprit .
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Click on Advanced Tab and scroll down under the browsing option and uncheck
this box:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest)
and click Apply then [OK] to close the IE properties
download Hijackthis and send me the log.
(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)
Send me copy to my address is : to_you_ross(at remove this and repalce with
the
obvious)yahoo.co.uk
(Msg. 5) Posted: Mon Sep 08, 2008 3:13 am
Post subject: Re: I have a virus [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
a system restore will fix it- if you can't access it the usual way
hit "system recovery" during startup
On Sun, 7 Sep 2008 22:01:01 -0700, Anteaus
wrote:
>Chances are this isn't a virus but a fraudulent antivirus program. Probably
>the "Antivirus 2008 Online Security Scanner" or a variant thereof. It uses
>the active desktop to simulate virus warnings.
>
>Go to http://malwarebytes.org and download the rogue-program removal tool.
>
>"Bsmith0776" wrote:
>
>> I have a virus. My desktop is white with "Active Desktop Recovery" which
>> when I hit "Restore my Active Desktop" I get the message "an error occured in
>> the script". Plus my start menu is gone. When I hit start, the right side is
>> blank plus "programs" is gone. I ran Ad-Aware and AVG and this cleaned up a
>> lot of the pop ups but with my desktop icons gone and unable to go through
>> "programs", I am unable to access needed programs.
>>
>> Any help in getting me back to normal will be appreciated.
>>
>>
>>
>>
>> I can see them on my Start menu anymore. PLus there is this Desktop pic of
>> "Buy Privacy Protection Service now" with the Url Link with it. When i tried
>> to right click my properties on my desktop it says
>>
>>
>> Im able to access My Document via a shortcut. But my C: is not accessible. I
>> will try to scan my comp for a 2nd time but can u guys tell me anything about
>> my situation ( if u ever heard of a problem like this)?
>>
>>
>> --
>> Bsmith0776
(Msg. 6) Posted: Mon Sep 08, 2008 12:19 pm
Post subject: Re: I have a virus [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use (in
conjuction with some other utilities). HijackThis will NOT fix anything on
its own, but it will help you to both identify and remove any
hijackware/spyware with assistance from an expert. **Post your log to
http://aumha.net/viewforum.php?f=30, http://forums.spybot.info/forumdisplay.php?f=22, http://castlecops.com/forum67.html, or other appropriate forums for review
by an expert in such matters, not here.**
If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/
Bsmith0776 wrote:
> I have a virus. My desktop is white with "Active Desktop Recovery" which
> when I hit "Restore my Active Desktop" I get the message "an error occured
> in the script". Plus my start menu is gone. When I hit start, the right
> side is blank plus "programs" is gone. I ran Ad-Aware and AVG and this
> cleaned up a lot of the pop ups but with my desktop icons gone and unable
> to go through "programs", I am unable to access needed programs.
>
> Any help in getting me back to normal will be appreciated.
>
> I can see them on my Start menu anymore. PLus there is this Desktop pic
> of
> "Buy Privacy Protection Service now" with the Url Link with it. When i
> tried
> to right click my properties on my desktop it says
>
>
> Im able to access My Document via a shortcut. But my C: is not accessible.
> I
> will try to scan my comp for a 2nd time but can u guys tell me anything
> about my situation ( if u ever heard of a problem like this)?
(Msg. 7) Posted: Mon Sep 08, 2008 7:04 pm
Post subject: Re: I have a virus [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
From: "fvghjk"
| a system restore will fix it- if you can't access it the usual way
| hit "system recovery" during startup
That is only an assumption.
There are *many* kinds of malware that will disable or corrupt the System Restore service.
(Msg. 8) Posted: Mon Sep 08, 2008 7:04 pm
Post subject: Re: I have a virus [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
From: "Oahuyahoo"
| I always try to do a system restore if possible. It's the only way to get
| all of it.
No, that is NOT true.
As I stated in another part of this thread...
There are *many* kinds of malware that will disable or corrupt the System Restore service.
All times are: Eastern Time (US & Canada) (change) Goto page 1, 2
Page 1 of 2
You can post new topics in this forum You can reply to topics in this forum You can edit your posts in this forum You can delete your posts in this forum You can vote in polls in this forum
Home
Forums
Home
FAQ
Search
Profile
Private Messages
Log in
Windows XP