Not signed in (Sign In)
    •  
      CommentAuthorLazarus99
    • CommentTimeAug 9th 2010
     (8710.1)
    Despite having one of the better antivirus suites (AVG), I seem to have picked up something quite nasty. It seems to be called Nuqel.a and/or Bankfox.e (I think) and loads a bogus antivirus program. The big problem is that when it's running, I can't open AVG, Task Manager, regedit or cmd, so I can't get rid of it manually.

    Can anyone help me with this?
  1.  (8710.2)
    Reboot, then either sort the whole thing out in Safe Mode or let your computer load up a previous state of itself (I am not a computer whizz and cannot remember what the technical term for this is because I'm shit). The latter choice will unfortunately rid you of files you have recently created/downloaded.

    Good luck, and find a more trustworthy porn site in the future. =D
    •  
      CommentAuthortexture
    • CommentTimeAug 9th 2010
     (8710.3)
    What newspaperdrone said... I would start using the following anti-bad-stuff programs, all free for life:

    Comodo Firewall and AntiVirus

    Malwarebytes
    Spybot Search & Destroy

    and for good measure start regularly cleaning your cache:

    CCleaner


    Good luck!
    • CommentAuthorangotango
    • CommentTimeAug 9th 2010
     (8710.4)
    Looks like the viruses has corrupted most of your computer already. I believe the viruses you have steal personal information so I would completely wipe your drives clean and reinstall the OS you have. When you use your recovery disk, make sure you format the entire drive first before you reinstall your OS. If you have important files, save them to a disk or external hard drive first so you can virus scan them later when your computer is safe. The bad thing though, you will have to reinstall alot of the programs you had before which is pretty tedious if you had tons of stuff on your computer. But, your computer will feel like new when it's done.
    •  
      CommentAuthorDoc Ocassi
    • CommentTimeAug 9th 2010
     (8710.5)
    I would suggest the Ultimate Boot CD it has a copy of AVIRA rescue system on the CD. I have used it on a few system and although it didn't seem to remove the infected files. You can use the linux desktop on the CD to clean out the files. I don't know how invasive the viruses you have are but it should allow you to clear the system, it may even have a registry editor on it to allow you to clean out the current version/run keys.
  2.  (8710.6)
    While we're at it, does anyone know a good utility for preventing beacon spyware from being installed automatically by websites?
    • CommentAuthorKelind
    • CommentTimeAug 9th 2010
     (8710.7)
    @Lazarus99

    All of the above advice is correct and good, the only addition to software suggestions I have is Adaware, which is free as well. However, I suggest burning your system completely with a full reformat, which is what angotango suggested.


    @Greasemonkey

    Wouldn't that be great! I'd love to know about something that protects from these.
  3.  (8710.8)
    While we're at it, does anyone know a good utility for preventing beacon spyware from being installed automatically by websites?

    Mac OS.
    • CommentAuthorBMTMTC
    • CommentTimeAug 9th 2010
     (8710.9)
    Combofix works wonders for me. Download it, boot into safe mode and run it:

    http://www.bleepingcomputer.com/download/anti-virus/combofix
    •  
      CommentAuthorDoc Ocassi
    • CommentTimeAug 9th 2010
     (8710.10)
    While we're at it, does anyone know a good utility for preventing beacon spyware from being installed automatically by websites?


    Mac OS.


    Or if you are a PC, Linux.
    •  
      CommentAuthorrickiep00h
    • CommentTimeAug 9th 2010
     (8710.11)
    While we're at it, does anyone know a good utility for preventing beacon spyware from being installed automatically by websites?


    Mac OS.


    Or if you are a PC, Linux.


    /sigh
  4.  (8710.12)
    I believe I've had this twice recently, it spawns a program called net.net... anyway, I'm not going to be of much help apart from to say I formatted both the pcs I had it on.
    Sad bloody face, but best way of making sure you get rid of a virus.
    •  
      CommentAuthorCameron C.
    • CommentTimeAug 9th 2010
     (8710.13)
    In the past, the previously linked to MALWAREBYTES has ALWAYS taken care of it (Even when ran normally, not in safe mode) but last week some site loaded a fake antivirus (this one called antivirus solutions pro or something, a name it hadnt had before) and I tried MANY different programs and approaches but the only thing that did anything was activating a Restore Point from before the infection and then everything has been fine.
    • CommentAuthorEmperor
    • CommentTimeAug 9th 2010
     (8710.14)
    I had a real problem getting a virus off my cousins computer and found Microsoft Security Essentials was the only one to do the business, but it was a resource hog and I removed it.

    Then make sure it doesn't happen again - as well as AVG I run Spybot Search & Destroy and Zone Alarm (both can be had for free) but also a good tip is to make sure you only have admin rights set on a separate admin account (that you only use when needed - I hardly ever user it, but keep the password handy) and keep all the general accounts set as normal users, that way nasty things will struggle to install anything or altering settings.
    •  
      CommentAuthorFinagle
    • CommentTimeAug 9th 2010 edited
     (8710.15)
    Disclaimer: I work for an IT outfit that does this sort of thing.

    0. Optionally set your DNS settings to use OpenDNS.com as your DNS servers. This will help prevent reinfection during and after cleaning.
    1. Grab yourself a copy of the Antimalware Toolkit from here. Put it on a USB stick. Use it to download all the installers you will need for the later steps. Also grab a copy of Firefox Portable. Copy all to USB stick.
    2. Boot into Safe Mode. (Tap F8 repeatedly on bootup), disconnect from any network.
    3. Run CCleaner with everything but Wipe Free Space enabled.
    4. Run Combofix. Follow its advice to (a) install the Recovery Console and (b) disable any realtime scanning in your antivirus program.
    5. Let Combofix finish fully, then install and run Malwarebytes and do a Full Scan.
    6. If Malwarebytes comes up with anything, also then run Superantispyware.
    7. Reconnect to network, test Internet, Run full Windows Update, install all critical updates. If IE is broken, you can use the Firefox Portable to grab a full IE installer.
    8. Update all Adobe products - Flash, Acrobat, Shockwave. Get rid of Acrobat if you can.

    If this whole sequence doesn't work, follow this procedure to remove a variant called TDSS that Combofix doesn't get.

    Afterwards, sign up for OpenDNS. It is the most effective way to stop malware at your perimeter. Basic version is completely free.
    •  
      CommentAuthorLazarus99
    • CommentTimeAug 10th 2010
     (8710.16)
    A friend of mine is lending me a Windows 7 install disk, so it looks like it's format time...bollocks