In Desperate Need of Assistance

Post » Tue May 17, 2011 12:54 pm

I don't know what's going on, but first my Antivirus program (Sophos) found something malicious from temporary internet files and put it in quarantine, but there was no way to use Sophos to get rid of it and, apparently, clicking on the link the quarantine summary gave me seemed to open whatever it was. Now, a program, which I know from past experiences must be a virus, I've never heard of before is telling me that there are all these risks on my computer and I'm being told to click on it to get protection. Obviously, I do not want to do this, but the antivirus on that computer (the other in my house, not the one I'm using) is useless, the anti-malware program freezes when I try to use it to scan, the internet won't work with me being told the related website (any website I try to go to, but not the websites the virus brings up) may be dangerous to my computer, and a couple of seemingly porm-related sites popped up automatically. I don't want to touch anything (not even the "no, I'll stay unprotected" option on the suspicious pop-up). What do I do, now? The object is no longer in quarantine, but has it infected my computer?
Markie Mark
 
Posts: 3420
Joined: Tue Dec 04, 2007 7:24 am

Post » Mon May 16, 2011 11:15 pm

sounds to me like you got your butt social engineer'd. It's something I've only seen recently, and is quite effective.

1. Exploit (usually Java, Flash, or PDF currently) creates a temporary file and has enough permissions to scrape your registry for your installed antivirus

2. it creates a fake popup using your antivirus's name, but 9/10 it doesn't look like a popup your antivirus actually gives (one example of this I've seen actually did a good job impersonating Microsoft Security Essentials, though)

3. Clicking anything in the popup actually gives the executable administrative permissions, which then makes it creep all over your system

lesson of the story: AV popups are not as safe as they used to be even when it says the same name as your AV, make sure you are actually looking at your real AV, launch it from the start menu.

As to what you should do now:

1. Disconnect your infected computer from the Internet

2. GET INTO SAFE MODE NOW

3. Get http://www.malwarebytes.org/ on your PC if it isn't already on there. Only connect to the Internet long enough to download it and install any updates

4. Do full scan after full scan after full scan until it comes up clean, then reboot and scan once more in safe mode until it comes up clean, repeat until it comes up clean after a reboot

5. Boot into normal mode and scan again with Malwarebytes until it comes up clean.

6. Scan with some other stuff to be extra-sure. My favorites are http://pack.google.com/intl/en/pack_installer.html and http://www.emsisoft.com/en/software/antimalware/ and whatever AV you got installed.

7. Finally check your hosts file for any unwanted entries and clear out your DNS. Also delete any cached and temporary files and hope the virus didn't mess up your install much (sooner it is caught and dealt with, the better)

Now for the future: Disable any browser plugins you aren't using. Does any site you visit use Java? No? Then disable the browser plugin. Install Flashblock to keep flash from instantly running and consider replacing Adobe Reader with an alternative PDF reader program. Doing that will eliminate the 3 biggest threats to your computer.
lexy
 
Posts: 3439
Joined: Tue Jul 11, 2006 6:37 pm
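
One way to carry out the hosts-file check and DNS flush from step 7 of the post above, as an added example that is not the poster's own code. The function name `Get-SuspiciousHostsEntry` is hypothetical, the sample lines are constructed, and PowerShell 3.0 or later on Windows is assumed.

```powershell
# Added example: list every hosts-file mapping other than the default localhost
# entries so a person can review it. Both redirects (name -> foreign address) and
# blocks (name -> loopback) are reported, since either can explain "real sites
# fail, unwanted sites load".
function Get-SuspiciousHostsEntry {
    param([string[]]$Lines)

    $loopback = @('127.0.0.1', '::1', '0.0.0.0')
    $lineNo = 0
    foreach ($raw in $Lines) {
        $lineNo++
        # Strip trailing comments and surrounding whitespace.
        $text = ($raw -replace '#.*$', '').Trim()
        if (-not $text) { continue }

        # Format: <address> <name> [<alias> ...]
        $fields = $text -split '\s+'
        if ($fields.Count -lt 2) { continue }
        $ip = $fields[0]

        foreach ($name in $fields[1..($fields.Count - 1)]) {
            # The stock "localhost" mappings are expected.
            if ($name -eq 'localhost' -and $loopback -contains $ip) { continue }

            $reason = if ($loopback -contains $ip) {
                'name blocked (pointed at loopback)'
            } else {
                'name redirected to another address'
            }
            [pscustomobject]@{
                Line    = $lineNo
                Address = $ip
                Name    = $name
                Reason  = $reason
            }
        }
    }
}

# Constructed sample input (documentation-range address, example domains).
$sample = @(
    '# constructed sample hosts file',
    '127.0.0.1       localhost',
    '::1             localhost',
    '',
    '203.0.113.10    www.example.com example.com   # redirect',
    '127.0.0.1       update.example.net            # block'
)
Get-SuspiciousHostsEntry -Lines $sample | Format-Table -AutoSize

# On the affected machine: audit the real file, then clear the resolver cache.
$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
if (Test-Path $hostsPath) {
    Get-SuspiciousHostsEntry -Lines (Get-Content -Path $hostsPath) |
        Format-Table -AutoSize
    ipconfig /flushdns
}
```

Entries pointing names at loopback are sometimes added by legitimate blocking tools, so the output is a review list rather than a verdict.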

Post » Tue May 17, 2011 1:26 pm

The virus seems to be preventing me from going on the internet, so I can't download anything. :(

What's safe mode and how do I enter it?
Dean Ashcroft
 
Posts: 3566
Joined: Wed Jul 25, 2007 1:20 am

Post » Tue May 17, 2011 9:05 am

The virus seems to be preventing me from going on the internet, so I can't download anything. :(

What part of unplug your infected computer from the Internet did you not understand? Not meaning to be rude, but every second it is Online is another second for it to download friends to the party, just like every second it is on and running on an administrator account in normal mode is another second for it to spread and [censored] your computer. Swift and immediate action is your only course with an infection.

What's safe mode and how do I enter it?

Reboot the computer and keep pressing F8 as it boots up.
Joe Bonney
 
Posts: 3466
Joined: Tue Jul 17, 2007 12:00 pm

Post » Tue May 17, 2011 2:51 pm

What part of unplug your infected computer from the Internet did you not understand? Not meaning to be rude, but every second it is Online is another second for it to download friends to the party, just like every second it is on and running on an administrator account in normal mode is another second for it to spread and [censored] your computer. Swift and immediate action is your only course with an infection.


Reboot the computer and keep pressing F8 as it boots up.

I already did before you told me to. At least, I hope turning the WiFi off disconnects it.

I think I'm just going to have to turn it off, then let my mom's workplace handle it. It's her work laptop and I don't know the password for logging back on, plus not even malwarebytes, my antivirus, my task manager, or any program, really, seems to be responding in any way, now.
Clea Jamerson
 
Posts: 3376
Joined: Tue Jun 20, 2006 3:23 pm

Post » Tue May 17, 2011 1:04 am

I already did before you told me to. At least, I hope turning the WiFi off disconnects it.

It will assuming you aren't connected by an ethernet cord. And if you did that, that would explain why you can't access the Internet -- you disconnected from it.

I think I'm just going to have to turn it off, then let my mom's workplace handle it. It's her work laptop and I don't know the password for logging back on, plus not even malwarebytes, my antivirus, my task manager, or any program, really, seems to be responding in any way, now.

If it's doing that even in safe mode, it may be too FUBARed to be salvaged and a reformat and reinstall may be necessary.
trisha punch
 
Posts: 3410
Joined: Thu Jul 13, 2006 5:38 am

Post » Tue May 17, 2011 1:02 pm

I already did before you told me to. At least, I hope turning the WiFi off disconnects it.

I think I'm just going to have to turn it off, then let my mom's workplace handle it. It's her work laptop and I don't know the password for logging back on, plus not even malwarebytes, my antivirus, my task manager, or any program, really, seems to be responding in any way, now.
Uh oh. Let's hope she doesn't keep any sensitive work documents on that lappy. It sounds like a reformat is in order.
Jeff Tingler
 
Posts: 3609
Joined: Sat Oct 13, 2007 7:55 pm

Post » Tue May 17, 2011 4:23 am

It will assuming you aren't connected by an ethernet cord. And if you did that, that would explain why you can't access the Internet -- you disconnected from it.


If it's doing that even in safe mode, it may be too FUBARed to be salvaged and a reformat and reinstall may be necessary.

I didn't explain it clearly enough. Sorry about that. Before I disconnected the internet, when I tried to go on any website I wanted to go on, I was told by some notification with a symbol similar to the one the suspicious program bore that the connection failed because the site (in this case, yahoo) would be hazardous to my computer, but then viagra and advlt sites popped up and came through just fine. Fearing that the virus would spread and, in an attempt to stop those websites from popping up, I turned the WiFi off, and the laptop is not connected to an ethernet cord.

I think I'm just going to have to give up on it, then. This is the same, exact way computers always die on me. I hate those types of viruses. :glare: Thanks, though.
Sheila Esmailka
 
Posts: 3404
Joined: Wed Aug 22, 2007 2:31 am

Post » Tue May 17, 2011 3:47 am

Uh oh. Let's hope she doesn't keep any sensitive work documents on that lappy. It sounds like a reformat is in order.

I hope it'll be fine. This is the fourth or fifth time we've lost a work laptop, this way... and unfortunately, I'm not joking.
Carys
 
Posts: 3369
Joined: Wed Aug 23, 2006 11:15 pm

Post » Tue May 17, 2011 2:52 pm

I hope it'll be fine. This is the fourth or fifth time we've lost a work laptop, this way... and unfortunately, I'm not joking.

1. Keep your OS and programs up-to-date. If it's that bad, you shouldn't even be wasting a second.

2. Enable plugins on Demand in your browser

3. If possible, uninstall Java

4. Replace Adobe Reader with a third-party PDF reader

5. Install NoScript (Firefox) or NotScripts (Chrome/Opera) and only allow sites you whitelist to run scripts.

6. Disable autorun for USB/other removable media

If you do all that, you'd have effectively walled up the vast majority of exploits.

Also, stopping your use of Windows would do you some serious good until you are more up to the task of using it, or at least use UAC.
Nikki Lawrence
 
Posts: 3317
Joined: Sat Jul 01, 2006 2:27 am

Post » Mon May 16, 2011 11:36 pm

I hope it'll be fine. This is the fourth or fifth time we've lost a work laptop, this way... and unfortunately, I'm not joking.
.... wow.

I have two words: Linux distro. Or: Use Chrome. Or: Safe surfing. :P

Also... how would you enable plugins on demand in Firefox?
kat no x
 
Posts: 3247
Joined: Mon Apr 16, 2007 5:39 pm

Post » Tue May 17, 2011 11:40 am

1. Keep your OS and programs up-to-date. If it's that bad, you shouldn't even be wasting a second.

2. Enable plugins on Demand in your browser

3. If possible, uninstall Java

4. Replace Adobe Reader with a third-party PDF reader

5. Install NoScript (Firefox) or NotScripts (Chrome/Opera) and only allow sites you whitelist to run scripts.

6. Disable autorun for USB/other removable media

If you do all that, you'd have effectively walled up the vast majority of exploits.

Also, stopping your use of Windows would do you some serious good until you are more up to the task of using it, or at least use UAC.


What would be an example of a third-party PDF reader?
.... wow.

I have two words: Linux distro. Or: Use Chrome. Or: Safe surfing. :P

I don't think I would be surprised if my mom just stopped letting me use the laptop. It would probably be better that she didn't let me use it, anyway. I never have these problems with the other computer, but I should probably stop using her work laptop. If she trusted me with it after the other times, though, I'm highly doubting anything important was on there (:P).
lauren cleaves
 
Posts: 3307
Joined: Tue Aug 15, 2006 8:35 am

Post » Tue May 17, 2011 1:01 pm

What would be an example of a third-party PDF reader?
http://blog.kowalczyk.info/software/sumatrapdf/free-pdf-reader.html.

I don't think I would be surprised if my mom just stopped letting me use the laptop. It would probably be better that she didn't let me use it, anyway. I never have these problems with the other computer, but I should probably stop using her work laptop. If she trusted me with it after the other times, though, I'm highly doubting anything important was on there (:P).
Well, if you want to keep using the laptop (what are you using it for?) you could always invest in something like http://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3/.
Rusty Billiot
 
Posts: 3431
Joined: Sat Sep 22, 2007 10:22 pm

Post » Tue May 17, 2011 7:18 am

How do you go through so many laptops haha? 4th or 5th one? I've had my laptop for three years... only had to reformat once, due to my own error. Now, it's dead because the hard drive failed because I may or may not have dropped it a little bit. :(

I mean... I never have problems with viruses or the like. I DL avast and set it up, run scans with it and malware bytes every so often and I've yet to have a problem. :shrug:

*knock on wood*
Dawn Porter
 
Posts: 3449
Joined: Sun Jun 18, 2006 11:17 am

Post » Tue May 17, 2011 6:30 am

Also... how would you enable plugins on demand in Firefox?

NoScript can do it. If you JUST want plugins on Demand without script blocking:

1. Install NoScript

2. In NoScript's options, on the "General" tab enable "Scripts Globally Allowed (dangerous)"

3. On the "Embeddings" tab, forbid Java, Adobe Flash, Silverlight, and other plugins. Enable "Apply these restrictions to whitelisted sites too"
Donald Richards
 
Posts: 3378
Joined: Sat Jun 30, 2007 3:59 am

Post » Tue May 17, 2011 2:16 pm

NoScript can do it. If you JUST want plugins on Demand without script blocking:

1. Install NoScript

2. In NoScript's options, on the "General" tab enable "Scripts Globally Allowed (dangerous)"

3. On the "Embeddings" tab, forbid Java, Adobe Flash, Silverlight, and other plugins. Enable "Apply these restrictions to whitelisted sites too"
Ah, shiny. I'll do that after I get my new Windows 7 box going.
cheryl wright
 
Posts: 3382
Joined: Sat Nov 25, 2006 4:43 am

Post » Tue May 17, 2011 9:14 am

http://blog.kowalczyk.info/software/sumatrapdf/free-pdf-reader.html.

Well, if you want to keep using the laptop (what are you using it for?) you could always invest in something like a Linux distro on a USB key.

Thanks for the link.

I was using it to do pretty much what I do on the current laptop I'm using, but from the comfort of my room. I lost my Arena and Daggerfall characters with the computer, it seems, but I was using the computer for playing those, listening to music (Youtube), browsing these forums, and, sometimes, I use it to access a website that assists in studying for state tests/figuring out how to do a problem for doing homework. Again, the difference is that it was in my room when not at my mom's office. Inexplicably (by me, anyway), that work laptop ran faster than this one does, as well, even though I would think this newer, more expensive computer would outshine the other in performance.
Hearts
 
Posts: 3306
Joined: Sat Oct 20, 2007 1:26 am

Post » Tue May 17, 2011 11:43 am

Thanks for the link.

I was using it to do pretty much what I do on the current laptop I'm using, but from the comfort of my room. I lost my Arena and Daggerfall characters with the computer, it seems, but I was using the computer for playing those, listening to music (Youtube), browsing these forums, and, sometimes, I use it to access a website that assists in studying for state tests/figuring out how to do a problem for doing homework. Again, the difference is that it was in my room when not at my mom's office. Inexplicably (by me, anyway), that work laptop ran faster than this one does, as well, even though I would think this newer, more expensive computer would outshine the other in performance.
Hmmm.

Well, Arena and Daggerfall would work in Linux via http://www.dosbox.com/ (which you are probably using already). Internet stuff would be just fine as well. I'd recommend trying out a Linux-on-a-stick distro. It would leave the Windows on the laptop untouched (and no dual-booting required) and would suit your needs too. :)
cosmo valerga
 
Posts: 3477
Joined: Sat Oct 13, 2007 10:21 am

Post » Tue May 17, 2011 12:22 am

Hmmm.

Well, Arena and Daggerfall would work in Linux via http://www.dosbox.com/ (which you are probably using already). Internet stuff would be just fine as well. I'd recommend trying out a Linux-on-a-stick distro. :)

I'll look into it tomorrow. I've got to get some sleep, for now.
Jessica Colville
 
Posts: 3349
Joined: Wed Oct 18, 2006 6:53 pm

Post » Tue May 17, 2011 12:10 pm

Heh, the only time any of my computers has been infected was with the ancient 486 I have (still works BTW :hehe:), and it had caught that before I got it. You could make me believe that viruses are just an urban legend made up to sell Anti-Virus software. Well, I use freeware, so the joke's on them :P

Microsoft Security Essentials, Windows Firewall, Firefox with NoScript and AdBlock have kept me safe through some very :whistling: sites ;)
CArla HOlbert
 
Posts: 3342
Joined: Wed Feb 21, 2007 11:35 pm

Post » Tue May 17, 2011 9:06 am

I hope it'll be fine. This is the fourth or fifth time we've lost a work laptop, this way... and unfortunately, I'm not joking.

... What sites do you go on to do that?
Angela
 
Posts: 3492
Joined: Mon Mar 05, 2007 8:33 am

Post » Tue May 17, 2011 11:27 am

sounds to me like you got your butt social engineer'd. It's something I've only seen recently, and is quite effective.

1. Exploit (usually Java, Flash, or PDF currently) creates a temporary file and has enough permissions to scrape your registry for your installed antivirus

2. it creates a fake popup using your antivirus's name, but 9/10 it doesn't look like a popup your antivirus actually gives (one example of this I've seen actually did a good job impersonating Microsoft Security Essentials, though)

3. Clicking anything in the popup actually gives the executable administrative permissions, which then makes it creep all over your system

lesson of the story: AV popups are not as safe as they used to be even when it says the same name as your AV, make sure you are actually looking at your real AV, launch it from the start menu.

As to what you should do now:

1. Disconnect your infected computer from the Internet

2. GET INTO SAFE MODE NOW

3. Get http://www.malwarebytes.org/ on your PC if it isn't already on there. Only connect to the Internet long enough to download it and install any updates

4. Do full scan after full scan after full scan until it comes up clean, then reboot and scan once more in safe mode until it comes up clean, repeat until it comes up clean after a reboot

5. Boot into normal mode and scan again with Malwarebytes until it comes up clean.

6. Scan with some other stuff to be extra-sure. My favorites are http://pack.google.com/intl/en/pack_installer.html and http://www.emsisoft.com/en/software/antimalware/ and whatever AV you got installed.

7. Finally check your hosts file for any unwanted entries and clear out your DNS. Also delete any cached and temporary files and hope the virus didn't mess up your install much (sooner it is caught and dealt with, the better)

Now for the future: Disable any browser plugins you aren't using. Does any site you visit use Java? No? Then disable the browser plugin. Install Flashblock to keep flash from instantly running and consider replacing Adobe Reader with an alternative PDF reader program. Doing that will eliminate the 3 biggest threats to your computer.

Make sure you use a real antivirus too to do a scan. If you don't want to buy one you can use a trial version of one of the better known utilities such as NOD32 or Kaspersky and then remove it when done. Make sure to remove any antivirus software you already have installed first though. You may even be able to create the rescue disks with both of them, even as trials (not positive on this) to run before your computer boots in case system files or other locked files can't be cleaned.
Dewayne Quattlebaum
 
Posts: 3529
Joined: Thu Aug 30, 2007 12:29 pm

Post » Tue May 17, 2011 2:33 pm

... What sites do you go on to do that?

I'm not joking when I say I'm so paranoid about viruses that I only even go to sites I'm familiar with, either. I visit these forums, wikipedia, regentsprep.org, my school district's website, the UESP, GameInformer, Youtube, tinypic, the Elder Scrolls website, and addictinggames.com, occasionally, and that's about it. I can't speak for other members of my family who use the computer, but aside from whatever may be a link from these forums, those sites are the only ones I visit. Last night, I did go to Square Enix's website, for a change, and the virus problem came up shortly afterwards, but I doubt there's any connection there. I don't know where these viruses are coming from. :shrug: I'm starting to think it's a problem with the antivirus those work laptops use. I've never had these problems with our computer and I visit the exact, same websites on both computers.
Rhysa Hughes
 
Posts: 3438
Joined: Thu Nov 23, 2006 3:00 pm

