Virus Kicking my Ass

Status
Not open for further replies.
While you are tracking down all your software, add Ghost to the list. Not the crappy win32 version, but the bootable dos version.
 


I have the same beast. It redirects google searches to parked pages. Got to be a great money maker for someone.

Typing in URLs to antivirus places like TrendMicro gets the same Zend Optimizer error I get when trying to install Prosper202 on Xampp. This tells me that maybe the usual AV sites are being redirected through my own Apache Server. Shutting down Xampp stopped the Zend messages but still no connect.

Also it has disabled screen saver properties. Where is the command in XP Pro system administrator to restore this? I used to know.

SpyBot is running right now. It's the only thing I could find that would download.
 
Also it has disabled screen saver properties. Where is the command in XP Pro system administrator to restore this? I used to know.
start >> run >> regedit >> OK
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
You'll probably find several keys all of which will probably say disablethis and lockthat. Delete them. Deleting them all won't hurt a thing.

When you're done with that it doesn't hurt to at least check HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\

After that
start >> run >> iexplore.exe -extoff >> OK
Then download HijackThis and a real antispyware such as counterspy.
Boot into safe mode.
In XP Pro it's okay to remove everything on the HijackThis results. The necessary ones will come back next time you start Internet Explorer. So run that first, then run your antispyware. Then Start >> Run >> MSCONFIG >> OK
Go through your startup and make sure there are no instances of the spyware on your startup, and double check that any spyware files listed on the startup got properly removed by the antispyware. Double check your policies to make sure your regular Windows is still not locked out of anything. Double check your web-enabled desktops. Restart the computer. Check the internet properties for spyware add-ons that may have remained. Then check your add/remove programs for any listed there. If there are and they won't uninstall, use mscleanup to remove them. Lastly, rerun your antispyware just to make sure no registered DLLs brought anything back. If it finds any, go back into safe mode under the administrator account and unregister them using REGSVR32 /u some.dll in the command prompt and rerun the antispyware.

I know that's quite the to-do list but it's really just being thorough. Feel free to stop at any portion of it when you're certain the spyware is gone.

And yes I own a computer store and yes I make sure to know my businesses inside and out :)
 
Check the hosts file too

%SystemRoot%\system32\drivers\etc\

I had a virus a while back and noticed some URLs were appended to it. Deleted dem' bitches. This could possibly be causing the redirects or connection problems.
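
The hosts file check suggested above can be scripted. This is an added example, not part of the original thread: the function name `audit_hosts`, the verdict labels and the sample file contents are all constructed for illustration. It flags hostnames pointed at a foreign address (redirects) and hostnames pinned to loopback or 0.0.0.0 (the "no connect" symptom for AV sites).

```python
import ipaddress

# Constructed sample hosts file (example domains, documentation-range IP).
SAMPLE_HOSTS = """\
# constructed sample, not taken from a real machine
127.0.0.1       localhost
::1             localhost
127.0.0.1       www.av-vendor.example update.av-vendor.example  # appended
0.0.0.0         scan.av-vendor.example
203.0.113.50    www.search.example
not-an-ip       broken.example
"""

# Names that legitimately resolve to loopback in a default hosts file.
BENIGN_NAMES = {"localhost", "localhost.localdomain"}

def audit_hosts(text):
    """Return (line_no, hostname, address, verdict) for every suspicious entry."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not entry:
            continue
        fields = entry.split()
        address, names = fields[0], fields[1:]
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, " ".join(names), address, "malformed"))
            continue
        sinkhole = ip.is_loopback or ip.is_unspecified
        for name in names:  # one line may map several hostnames
            name = name.lower().rstrip(".")
            if sinkhole and name in BENIGN_NAMES:
                continue
            # Loopback/0.0.0.0 makes the site unreachable; anything else
            # silently sends the browser to another server.
            verdict = "blocked" if sinkhole else "redirected"
            findings.append((line_no, name, address, verdict))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %s -> %s (%s)" % finding)
```

To audit a real machine, read the `hosts` file in the directory given above and pass its text to `audit_hosts`.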
 
then download HijackThis and a real antispyware such as counterspy.
:)

Thanks Eli, counterspy did the trick first try. I'd run a couple others already that said they'd fixed it, to no avail. That's good stuff. Suck web page they have, though.

I remember that it was gpedit.msc that allowed for setting display and control panel settings.

I think all is normal now. Monster Marketing must make a killing off of those things.
 