After Virus - I can't update any of my anti virus programs

KubeDawg · 12-10-2008, 02:17 PM

I just got a virus last night, got rid of it, but I'm unable to update Spybot, Adaware, AVG, and I'm unable to even open Malwarebyte's...

Any ideas what could've happened or how to fix it?

Here's what AVG picked up w/o having to update:
http://kubedawg.com/v/12-10-2008%203-24-11%20AM.png
http://kubedawg.com/v/12-10-2008%203-24-26%20AM.png
http://kubedawg.com/v/12-10-2008%203-24-37%20AM.png

And here's what's in the vault:
http://kubedawg.com/v/12-10-2008%209-12-20%20AM.png

I found a rundll32.exe in my admin processes as well. It just showed up when I tried to uninstall malwarebytes, which I'm still unable to do.

Bridget · 12-10-2008, 02:33 PM

Rundll32.exe is usually a microsoft process. Again:

http://www.lavasoft.com/products/ad_aware_free.php
http://www.bitdefender.com/site/Downloads/

Edit: If you open your process tab (I'm using Vista) and go to View > Select Columns and check 'Command Line', You will be able to see the path to the file running through rundll32.exe.

KubeDawg · 12-10-2008, 02:40 PM

Quote:

Originally Posted by Bridget

Rundll32.exe is usually a microsoft process. Again:

http://www.lavasoft.com/products/ad_aware_free.php
http://www.bitdefender.com/site/Downloads/

Edit: If you open your process tab (I'm using Vista) and go to View > Select Columns and check 'Command Line', You will be able to see the path to the file running through rundll32.exe.

It's usually a microsoft process that is run by my set of System processes, right? Why would it be listed under my administrator name processes?

I've downloaded adaware, unable to update it either. Also, the virus fucked with my browsing capabilities. I cannot go to any of these antivirus websites, but I can go to download.com and download them.

Bridget · 12-10-2008, 03:38 PM

Use them first, then try to update them. I 'unno.

KubeDawg · 12-11-2008, 02:43 PM

This thread can be deleted. I got rid of the virus w00t!

Skanky Butterpuss · 12-11-2008, 05:37 PM

what did you have to do to get rid of it?

KubeDawg · 12-11-2008, 06:04 PM

It was that stupid antivirus 2008 virus. It installed a rootkit on my machine, and I had no access to windows update, system restore, or even visiting the sites to get rid of the problem. I found a web site that showed how to get rid of it, but it looked like it took 3 years to do. So I googled a bit more and found some topics on it and people said SpyHunter is a program that can find and get rid of this particular virus.

So I dled it, it scanned all the way, but you gotta pay for it to remove the shit from your PC so I said fuck that, found some un/pw's on a serial site, and 'upgraded' my account and got rid of everything.

Credge · 12-12-2008, 03:43 AM

Know what the weird thing about that one is? I got it to and have no idea how I got it. This was a bit back. Weird.

KubeDawg · 12-12-2008, 03:54 AM

I've got no clue, but a hacker friend of mine had to reformat because of the same virus. It sucks man. Maybe we're all visiting the same pr0n sites or somethin...

MonoXideAtWork · 12-12-2008, 01:01 PM

I've got it too. I have to install my 500gb frive in my media server so that I can xfer my save folder over then reformat. Yay.

Icculus · 12-17-2008, 01:40 AM

MalwareBytes AntiMalware can get rid of it and it's free.

I have used Ad-aware, Spybot, and Hijack this a ton in the past and usually could get rid of everything with a combination of those. I recently had that Antivirus 2008 crap too and was unable to get rid of it until I started doing some research about it and found that Spyhunter was one of things that could remove it but like Kube said, you have to pay for it. If anyone is still infected, give Antimalware a try. On my machine it found several entries that all those others had missed. `

-Icculus

KubeDawg · 12-17-2008, 02:13 AM

Quote:

Originally Posted by Icculus

MalwareBytes AntiMalware can get rid of it and it's free.

I have used Ad-aware, Spybot, and Hijack this a ton in the past and usually could get rid of everything with a combination of those. I recently had that Antivirus 2008 crap too and was unable to get rid of it until I started doing some research about it and found that Spyhunter was one of things that could remove it but like Kube said, you have to pay for it. If anyone is still infected, give Antimalware a try. On my machine it found several entries that all those others had missed. `

-Icculus

The problem was that it disabled my MBAM program completely.

Icculus · 12-17-2008, 03:04 AM

Quote:

Originally Posted by KubeDawg

The problem was that it disabled my MBAM program completely.

Ahh missed that. Guess I should read posts more carefully.

I had a virus once, can't remember which one it was but it was smart enough to hide itself from all the usual spyware scanners, ETC. If I ran Ad-aware it would come up clean but if I renamed the executable for Ad-aware and ran it, it would catch it. Nasty thing and very hard to get rid of.

-Icculus

פֿяαιп βαмαgεפ · 12-26-2008, 11:26 AM

MBAM is great, tnx for the tip!

12-10-2008, 02:17 PM	#1
KubeDawg Nade Whore Server Owner Beta Tester Join Date: Sep 2007 Location: Oklahoma Class/Position: Scout/Soldier Gametype: CTF/TDM Affiliations: blunt. Moto Posts Rated Helpful 128 Times	After Virus - I can't update any of my anti virus programs I just got a virus last night, got rid of it, but I'm unable to update Spybot, Adaware, AVG, and I'm unable to even open Malwarebyte's... Any ideas what could've happened or how to fix it? Here's what AVG picked up w/o having to update: http://kubedawg.com/v/12-10-2008%203-24-11%20AM.png http://kubedawg.com/v/12-10-2008%203-24-26%20AM.png http://kubedawg.com/v/12-10-2008%203-24-37%20AM.png And here's what's in the vault: http://kubedawg.com/v/12-10-2008%209-12-20%20AM.png I found a rundll32.exe in my admin processes as well. It just showed up when I tried to uninstall malwarebytes, which I'm still unable to do. __________________ Moto's Funhouse \| Dallas, TX - 74.91.114.247:27015 ff_plunder - Complete

12-11-2008, 02:43 PM	#5
KubeDawg Nade Whore Server Owner Beta Tester Join Date: Sep 2007 Location: Oklahoma Class/Position: Scout/Soldier Gametype: CTF/TDM Affiliations: blunt. Moto Posts Rated Helpful 128 Times	This thread can be deleted. I got rid of the virus w00t! __________________ Moto's Funhouse \| Dallas, TX - 74.91.114.247:27015 ff_plunder - Complete

12-11-2008, 05:37 PM	#6
Skanky Butterpuss Beware the Hammer D&A Member Fortress Forever Staff Join Date: Mar 2007 Class/Position: Sabotaging your shit. Affiliations: :}\|, mimic, /KBN/ Posts Rated Helpful 0 Times	what did you have to do to get rid of it? __________________ Support FF: Etzell: Skanky Etzell: The Wings are fucking fantastic Etzell: They really are Etzell: But even SAYING that makes me want to vomit

12-11-2008, 06:04 PM	#7
KubeDawg Nade Whore Server Owner Beta Tester Join Date: Sep 2007 Location: Oklahoma Class/Position: Scout/Soldier Gametype: CTF/TDM Affiliations: blunt. Moto Posts Rated Helpful 128 Times	It was that stupid antivirus 2008 virus. It installed a rootkit on my machine, and I had no access to windows update, system restore, or even visiting the sites to get rid of the problem. I found a web site that showed how to get rid of it, but it looked like it took 3 years to do. So I googled a bit more and found some topics on it and people said SpyHunter is a program that can find and get rid of this particular virus. So I dled it, it scanned all the way, but you gotta pay for it to remove the shit from your PC so I said fuck that, found some un/pw's on a serial site, and 'upgraded' my account and got rid of everything. __________________ Moto's Funhouse \| Dallas, TX - 74.91.114.247:27015 ff_plunder - Complete

12-12-2008, 03:43 AM	#8
Credge FF Loremaster Beta Tester Join Date: Sep 2007 Posts Rated Helpful 4 Times	Know what the weird thing about that one is? I got it to and have no idea how I got it. This was a bit back. Weird. __________________ "The nine most terrifying words in the English language are: 'I'm from the government and I'm here to help.'" Ronald Reagan

12-10-2008, 02:33 PM	#2
Bridget Banned Join Date: Sep 2008 Class/Position: Soldier Gametype: AVD Affiliations: TALOS Posts Rated Helpful 5 Times	Rundll32.exe is usually a microsoft process. Again: http://www.lavasoft.com/products/ad_aware_free.php http://www.bitdefender.com/site/Downloads/ Edit: If you open your process tab (I'm using Vista) and go to View > Select Columns and check 'Command Line', You will be able to see the path to the file running through rundll32.exe.

12-10-2008, 03:38 PM	#4
Bridget Banned Join Date: Sep 2008 Class/Position: Soldier Gametype: AVD Affiliations: TALOS Posts Rated Helpful 5 Times	Use them first, then try to update them. I 'unno.

12-12-2008, 03:54 AM	#9
KubeDawg Nade Whore Server Owner Beta Tester Join Date: Sep 2007 Location: Oklahoma Class/Position: Scout/Soldier Gametype: CTF/TDM Affiliations: blunt. Moto Posts Rated Helpful 128 Times	I've got no clue, but a hacker friend of mine had to reformat because of the same virus. It sucks man. Maybe we're all visiting the same pr0n sites or somethin... __________________ Moto's Funhouse \| Dallas, TX - 74.91.114.247:27015 ff_plunder - Complete

12-12-2008, 01:01 PM	#10
MonoXideAtWork Pub Allstar! Beta Tester Join Date: Aug 2008 Class/Position: under en kvinna Gametype: Capture the Flag Affiliations: Eternal Order, Must be h4x, Mono's happy funtime. Posts Rated Helpful 0 Times	I've got it too. I have to install my 500gb frive in my media server so that I can xfer my save folder over then reformat. Yay.

12-17-2008, 01:40 AM	#11
Icculus D&A Member Join Date: Mar 2007 Location: New Hampshire Posts Rated Helpful 0 Times	MalwareBytes AntiMalware can get rid of it and it's free. I have used Ad-aware, Spybot, and Hijack this a ton in the past and usually could get rid of everything with a combination of those. I recently had that Antivirus 2008 crap too and was unable to get rid of it until I started doing some research about it and found that Spyhunter was one of things that could remove it but like Kube said, you have to pay for it. If anyone is still infected, give Antimalware a try. On my machine it found several entries that all those others had missed. ` -Icculus

12-26-2008, 11:26 AM	#14
פֿяαιп βαмαgεפ Annoying people since 1986 Join Date: Sep 2007 Location: Belgium a.k.a. absurdistan Class/Position: O fatty, pyro - D engy, pyro Gametype: CTF Affiliations: This space for rent. Posts Rated Helpful 1 Times	MBAM is great, tnx for the tip!

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)