Interesting virus
(29 posts, started )
Last night I got myself a very annoying virus.
It called itself "Antivirus XP 2008". It installed itself on my computer, ran a fake scan and "found" several pieces of crap on my comp. Well, I terminated its processes: pphcan4j0eae7.exe, rhcen4j0eae7.exe, lphcan4j0eae7.exe. I removed everything from my computer that I could find that had something to do with it, from the registry too.

It also changed my background and screensaver; I already sorted them out.

Also, when I right-clicked on the desktop and chose Properties, the tabs called Desktop and Screen Saver were missing. I restored them with gpedit.msc (Start -> Run and gpedit.msc) by configuring them as enabled. To my knowledge, they should be showing with the default setup "notconfigured" as they were, but I had to enable them to get them. All other tabs show fine with their "notconfigured".

Then I ran Ad-Aware 2008, it found 4 little things, maybe didn't have anything to do with it.
Currently I'm scanning my computer with Avira AntiVir.

My computer seems to work almost like it should. But the problem is that now something is blocking my access to almost every site that has something to do with anti-virus programs, computer security etc.

Here's the current list of sites that this fooking virus seems to be blocking for me:

http://lavasoft.com/
http://www.free-av.com/
http://www.kaspersky.com/
http://www.zonealarm.com/
http://www.symantec.com/
http://www.f-secure.com/ (although I can get to http://www.f-secure.fi/)
http://www.bleepingcomputer.com/
http://www.besttechie.net/
http://www.virustorjunta.net/ (Finnish site, spells something like antivirus.net)
http://www.bitdefender.com/
http://www.safer-networking.org/
http://www.avast.com/
http://www.grisoft.com/
http://us.trendmicro.com/
http://www.mcafee.com/
http://www.antivirus.comodo.com/
http://www.sophos.com/
http://www.pctools.com/
http://www.bitdefender.com/
http://www.bleepingcomputer.com/
http://www.malwarebytes.org/

And etc. etc. etc. Maybe thousands of sites. I just get that normal Unable to Connect error with Firefox when trying to open those sites.

So, do you have any ideas what could help me?

Or know a better place to ask about this?


GODDAMN.

-EDIT- I use Windows XP Pro, if that matters.
You should probably get any important files onto an external hard drive, scan them before you do to make sure they are clean, then nuke your hard drive because it might be Skynet and the machines are coming to get you.
If I remember correctly, this is Malware. Try running Spybot Search & Destroy, or Ad-Aware. Also do a full anti-virus check.

Whatever you do, do not search Google for solutions, it affects the outcome and will give you something called 'SpyHunter'. This is about as much use as pouring Coca-Cola onto your CPU. See links here and here for warnings.

Some others might have better solutions.

E: Actually Quicky is not far off it, I have heard some say this is the only way to get rid of it. (apart from the Skynet part....everyone knows that they will launch nuclear warheads first, then a big Austrian with sunglasses will come from the future)
#4 - lerts
haha I'm not the only one who gets laughed at

I have a virus on my PC but it's only ads

I think XP is obsolete
Quote from BBO@BSR :You need something like the "Malwarebytes" prog.

Check this "How to remove Antivirus XP 2008" instructions
http://www.bleepingcomputer.co ... /remove-antivirus-xp-2008

But if possible I would always suggest a fresh system install.

+ several million for MalwareBytes, big kick in the goolies for System Install!...(Would you fix your car with a sledgehammer??)

I have had about 4 computers to repair that were infected with this shite...and the MalwareBytes program is great at getting rid of it completely..

As it happens, I am doing a clean-up on an infested laptop as I type this on my main comp.
Quote from Bladerunner :+ several million for MalwareBytes, big kick in the goolies for System Install!...(Would you fix your car with a sledgehammer??)

Well tapping it with a hammer just seems kinda wussy

Is MalwareBytes really that good? I haven't had this yet, nor do I think I will, but in a worst-case scenario I would use it if you highly recommend it.
Quote from Bladerunner :
I have had about 4 computers to repair that were infected with this shite...

Only had 3 with this crap here so far, but most of the time I can convince people to make a fresh base install, then use some backup system like Acronis, and whenever something is really wrong you can install the backup of the fresh install in a few minutes.
Quote from BBO@BSR :Only had 3 with this crap here so far, but most of the time I can convince people to make a fresh base install, then use some backup system like Acronis, and whenever something is really wrong you can install the backup of the fresh install in a few minutes.

Problem there is, most of my customers don't like to back up their accrued data, so a total install from an image would lose all their stuff... and that leads to p***ed off customers... who will think twice about being a customer again.
I prefer to spend a few minutes more by doing it the "hard way", that way I get the mugs.. (oops, I mean punters!) coming back again when something else goes wrong.
Quote from BBO@BSR :You need something like the "Malwarebytes" prog.

Check this "How to remove Antivirus XP 2008" instructions
http://www.bleepingcomputer.co ... /remove-antivirus-xp-2008

But if possible I would always suggest a fresh system install.

I may add http://www.bleepingcomputer.com/ and http://www.malwarebytes.org/ to the list.

But I got the Malwarebytes from download.com, going to try it out.

Quote from Mackie The Staggie :

Whatever you do, do not search Google for solutions, it affects the outcome and will give you something called 'SpyHunter'. This is about as much use as pouring Coca-Cola onto your CPU. See links here and here for warnings.

These sites didn't really tell me anything new, but thanks for the reply still...

Formatting and installing XP again is one solution, but I'm going to do it only if I have to... My system was running pretty good, so no other reasons for formatting now.
Quote from Bladerunner :Problem there is, most of my customers don't like to back up their accrued data, so a total install from an image would lose all their stuff...

Not if you also teach them to save their stuff on the second drive you've sold them.
A second of googling would have made you know that you can remove that with Malwarebytes.
Give your hosts file a look.
It’s pretty common for viruses and malware stuff to edit your hosts file. By editing your hosts file they can point you to bogus sites, disable signature updates or disable anti-virus software downloads.
All those vendor sites could eventually point to 127.0.0.1
I hope this is of some use; anyway, good luck.
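
The hosts-file check suggested in the post above, as an added example that is not part of the original thread: a Python script that parses hosts-file text and reports any static mapping for security-vendor domains, using a subset of the blocked-site list from the first post. The function names and the sample hosts content are constructed for illustration.

```python
import os

# Subset of the blocked-site list in the first post (registrable domains only).
WATCHED = {"lavasoft.com", "kaspersky.com", "symantec.com", "f-secure.com",
           "bleepingcomputer.com", "avast.com", "mcafee.com", "malwarebytes.org"}

# Standard hosts-file location on Windows.
HOSTS_PATH = os.path.join(os.environ.get("SystemRoot", r"C:\Windows"),
                          "System32", "drivers", "etc", "hosts")

def parse_hosts(text):
    """Yield (line_no, address, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) < 2:
            continue                           # blank, comment-only or malformed line
        for name in fields[1:]:                # one address may carry several names
            yield line_no, fields[0], name.lower().rstrip(".")

def is_watched(hostname, watched=WATCHED):
    """True if hostname is a watched domain or a subdomain of one."""
    return any(hostname == d or hostname.endswith("." + d) for d in watched)

def suspicious_entries(text, watched=WATCHED):
    """Return every hosts entry that overrides DNS for a watched vendor domain."""
    return [(n, addr, host) for n, addr, host in parse_hosts(text)
            if is_watched(host, watched)]

# Constructed sample input, not taken from the infected machine in this thread.
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
127.0.0.1       www.kaspersky.com kaspersky.com
127.0.0.1  WWW.Malwarebytes.ORG.
10.0.0.5        fileserver.lan
#127.0.0.1      www.avast.com
0.0.0.0 download.bleepingcomputer.com
"""

if __name__ == "__main__":
    text = SAMPLE_HOSTS
    if os.path.exists(HOSTS_PATH):
        with open(HOSTS_PATH, encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    for n, addr, host in suspicious_entries(text):
        print(f"line {n}: {host} -> {addr}")
```

An empty result only rules out the hosts file; as the original poster reports further down, the blocking in this case came from somewhere else.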
#14 - CSU1
Quote from BigPeBe :

So, do you have any ideas what could help me?
.

As above, keep backups and reinstall Windows. Windows Group Policy Editor and the management console are soooo much fun to mess around with (on Linux atm, sterile boredom :razz:)

/or just load any of the default policies or create a new user account and delete the old one
no need to reinstall windows...
I got this virus and removed it with malwarebytes, and no probs.
oh god.... I removed this virus with Malwarebytes myself like 2 weeks ago, the thing is so annoying..... so yeah, download Malwarebytes, run the scan and that's it, good luck
Quote from Dunmer :Give your hosts file a look.
It’s pretty common for viruses and malware stuff to edit your hosts file. By editing your hosts file they can point you to bogus sites, disable signature updates or disable anti-virus software downloads.
All those vendor sites could eventually point to 127.0.0.1
I hope this is of some use; anyway, good luck.

Done already. Everything was ok there.

Quote from Stefani24 :A second of googling would have made you know that you can remove that with Malwarebytes.

Well, I used Google, but I was maybe a little too lazy to find the right site... Also, half of the sites I found are blocked by this crap, so it is possible that I wouldn't have been able to find anything about that Malwarebytes.

And pls don't bark at me for using Google with the infected computer, I'm just too lazy to run from one PC to another. Let's just say that I'm threatening risks that I'm well aware of lol.

I'll try Malwarebytes when I have time for it.
THANK YOU!

I ran the Malwarebytes scan, it found a few ****s on my computer, deleted them and now I can get to where I want on the internet.

Everything seems good for now.
Also my screensaver and desktop tabs are showing with the default notconfigured setting.

What's the day's lesson then? Don't open random links on the /b/.
Quote from Bladerunner :Problem there is, most of my customers don't like to back up their accrued data, so a total install from an image would lose all their stuff... and that leads to p***ed off customers... who will think twice about being a customer again.

Maybe they'll think twice about being retarded and downloading a virus/trojan/spyware/malware

Honestly can't remember the last time I had one...
NOT HARD PEOPLE

Quote from BigPeBe :What's the day's lesson then? Don't open random links on the /b/.

Is this a joke?
Please tell me it's a joke.
What is the /b/ ?
It is one section of the 4chan website (it is the random category). On topic - at the time when the virus infected your comp, did you have any antivirus, firewall, or any spyware detection software installed on your system?
Quote from MataGyula :It is one section of the 4chan website (it is the random category). On topic - at the time when the virus infected your comp, did you have any antivirus, firewall, or any spyware detection software installed on your system?

Yes of course.

This is actually first time ever I have had any problems with viruses or malware or spyware or other crap.
Usually my computer is being kept quite successfully virus free.

Usually when some crap gets to my computer it is instantly recognized and is very easy to get rid of. This **** somehow managed to install itself without getting noted before it was too late.

I don't usually like to follow random links, but this time the one single time it was enough.
I've had to remove this virus twice before, real pain in the...

Malwarebytes' Anti-Malware was the only program that managed to remove it (Spybot only found traces). I am starting to get tired of AVG as the computers infected had AVG as an antivirus.
We got a more serious version of this about 3 months ago. It locked out task manager, Avast, msconfig, regedit and command prompt. It also redirected every page on t'intertubes to its own page, both in IE and FF. A real pain in the ass to get rid of, took me 7 hours to get the PC back to health again. At least it isn't malicious though, it's just really annoying.
A bit OT, but does anybody know a HOWTO guide to do a fresh system install? I'm starting to get problems with XP, probably caused by software that wasn't uninstalled properly.