Virus nasty

Discussion in 'Gaming and Software' started by oldbaldy, Feb 12, 2010.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. oldbaldy

    oldbaldy LE Moderator Good Egg (charities)
    1. Battlefield Tours

    Granddaughter has picked up a nasty on her laptop, Yes I've waterboarded her to find out where!!
    I've tried to download malwarebytes but for some reason when I click run, I get an error message. I've tried to download other things as a test & the same happens. I think the nasty might be something called Isearch.
    Any ideas?
  2. It's a BHO. See if you can run msconfig from the "run" command and disable it on startup. Then find the .exe file and delete it. There are other ways round it though.
  3. oldbaldy

    oldbaldy LE Moderator Good Egg (charities)
    1. Battlefield Tours

    Cheers I'll give it a go. :)
  4. Download Malware and then rename the exe file to .bat and then it should run.
  5. By the way, it isn't a virus, just an annoying piece of unwanted and sneaky shite.
  6. msr

    msr LE

  7. oldbaldy

    oldbaldy LE Moderator Good Egg (charities)
    1. Battlefield Tours

    Installed malwarebytes as administrator and ran. As I thought it would that got rid of it.
  8. Have been having a problem with a programme called "internet Security 2010". It gave all the appearance of a MS programme and used the chequered shield and XP at the front. It initially looked like an update but required you to buy a licence.

    It stopped malwarebytes and panda working as well as the internet.

    I had to uninstall then reinstall Malwarebytes to get rid of it.

  9. Yep I have had that as well, a real pain in the butt.
  10. msr

    msr LE

    Which antivirus do you have?

  11. Avast is the lord of the antivirus.
    Not only is it free, it beats the shite out of most paid ones - keeps your system snug and secure.
  12. panda, but it did not spot it and kept saying all is well.
  13. msr

    msr LE

  14. I just had that - or at least "Vista Internet Security 2010". Very virulent. I caught it whilst looking at the Moscow Times website. I have AdAware, Systemsuite 9 & Vista Firewall, and it got straight through.

    If you search the web, there are pages of instructions on how to clean it, usally with Malwarebytes or similar as the second stage. Its tricky, because the trojan deactivates any anti-virus programme as soon as you try and start them and it also re-starts/re-infects almost instantly you kill a bit of it.

    Strangely, the advice pages give a compex first stage of deleting registry entries, etc, before cleaning with an anti-spyware program. I seem to have found a simpler method: if you open Task manager, you can see the main part of the virus running as "av.exe". Killing this process allows the anti-spyware programme(s) to boot and start doing their cleaning. "Av.exe" restarts itself, but if you mallet it every time it appears, it can't prevent the anti-spyware from running and eventually slotting it. My PC did require a System Restore to the previous day's save point in order to completely erase the trojan, but all seems well now.