Skip to comments.Difficult Computer Virus
Posted on 06/27/2010 6:12:20 AM PDT by Mere Survival
I thought I had killed a virus. It was a Chuck Norris Trojan that infected the router and directed me to a site that infected me with the AV Suite ransom virus. No anti-virus and anti-spyware programs got the virus so I had to 1) set a password on my router (to keep it from being reinfected) 2) Reset and then turn off my router to kill it's RAM with the redirect 3) remove the partition to reformat my drive 4) reload everything.
I thought that killed it and it seemed to. Then yesterday I went into my NVIDIA graphics processor to put it in sync with my LCD TV.
Well . . . I get a popup saying X program is trying to connect. Thought it was NVIDIA and BAM I've got the AV Suite virus again. Worried it lodged in the NVIDIA hardware somehow? Anyone hear anything about that?
I ran Malewarebytes and killed the AV Suite virus, but after it was dead I got an error screen (the site unavailable one) on internet explorer. Now I can only connect thru Firefox or Netscape.
Anyone have any ideas?
back up you files, including operation system, wipe your machine, reinstall everything.
this worked for me....
get free trial NOD32 then run scan
this should find and isolate your virus
this worked for me....
get free trial NOD32 then run scan
this should find and isolate your virus
done 3 times, not it.
This might help...
Also, avoid IE like the plague. I refuse to use even the most up to date version of IE for anything other than work stuff because no matter how secure you think it is, something like this always happens.
Sounds like a rootkit I would low level format the drive and start over
My neighbor got that virus and called on my expertise for aid. I have none of that so I got it taken care of by another neighbor’s teenager who moused and keyboarded for 40 minutes and it was all fixed. I don’t know what he did because I couldn’t follow his moves and he doesn’t explain things very well at all. One characteristic of this AV infection is that it prevented the executing of any setup file that I tried to download or run from the DOWNLOAD folder on the hard drive.
From the graphics and the “AV” I think it was trying to disguise itself as the AVG antivirus program, which it disabled. It also disabled Spybot and the firewall. Those were the only programs that had to be uninstalled and reloaded.
Go to www.majorgeek.com and follow their instructions. You’ll end up running “hijackthis” and hack your registry. Go slow and follow the directions exactly or you’ll kill your computer. If you do, though, you will kill the viruses.
“fdisk /mbr” after you have deleted any existing partitions on the hard disk.
So that will take it out if it’s in the master boot record? Ok, will give that a try.
I have no suggestions but wish you luck - how terrible these cyber terrorists are. They should be shot~
Are you Serious?
It’s Chuck Norris, you can’t beat him
Did someone forget to mark this Post - Satire?
To get rid of a virus in Windows it’s better to be OUTSIDE the windows environment.
Google “Kaspersky Rescue Disk”. When you find it, download the ISO image file and burn it to a CD. This will create a bootable CD that has the Kaspersky Anti Virus program running in Linux.
Make sure before you boot, that the computer is connected to the internet by a WIRED connection. The rescue disk will not set up wireless.
Now update the virus signature files. After that your ready to scan. Set the scan for “take action after scan finishes”. This thing has worked for me several times. Scan before you go to bed. It can be real slow.
V live long and prosper.
Before or after they are thrown into a pit of live Rats?
It’s Chuck Norris!
Your machine is lost, the only thing you can do now is run!
Next thing you know, there’ll be an infestation of roosting Ninjas in your kitchen.
/ just kidding.
There’s some good advice on this thread.
Also grab some spyware killer like Lavasoft’s Ad Aware and Spybot Search & Destroy.
PC World also has articles about good bug killers.
Launch Internet Explorer. In Internet Explorer go to: Tools->Internet Options->Connections tab.
Click Lan Settings button and uncheck the checkbox labeled Use a proxy server for your LAN. Click OK.
If that fails... I would give the DBAN utility a try. That should ensure that every literal bit of the disk is wiped out.
My wife just got this infection on our main pc. She got it via a ‘twilight’ link
NOD32 did not catch it.
My thoughts exactly. All that kick boxing and martial arts would make a pretty tough virus. Sorry, I couldn’t help myself.
Try searching for and downloading a program called ‘Fixwareout’.
I’ve used it quite a few times on ‘stubborn’ viruses and seems to work real well.
You have to run it in ‘Safe mode’ in Windows.
Fixwareout opens a ‘command’ window and runs from there.
Once you are done, it will reboot and the virus should be gone.
Totally agree. Norton messed ours up so bad that it was nearly sent to curb. And, no, despite me having proof I sent in the correct info they never would send the rebate.
My mother got the dreaded "Microsoft Antivirus" virus. I told her to shut down her machine, get the backup out of the closet and use it, and wait until I come down there next to reprogram her machine.
I use McAfee Stinger and it helps as well.
My husband’s computer got the AV bug Saturday. He took it to a friend who got him back on line. However, we haven’t turned his computer back on yet. This thread may will help us figure out what to do next.
Backup, backup, backup - great advice.
If it is similar to PC Antispyware, it’s nasty. If you have an uninfected computer, go find a trial copy of MalwareBytes. Transfer it to the infected computer with a flash drive. Install and run MalwareBytes in the Safe Mode, and do the full scan. It may take 2 to 3 hours.
In my case the PC Antispyware damaged my internet protection software (Panda Internet Security 2009), to the point where a “repair re-install” did not work. I had to do a complete uninstall and reinstall, download updates.
it depends if the rats are Rats or RATS...
if RATS.. after.. that way a LOT OF RATS can go with them
Yikes... running late for church (with that nice Christian thought the last I key in..LOL)
Those directions worked for me a few weeks back when I caught the bug. Also you will get alot of fake security messages, read them but don't follow them, upon close scrutiny you will discover the broken english used, it was my first clue that I had a virus. Malwarebytes seems to have removed it
This would be a first. Never seen a virus that infected a router. Changed hosts. file settings and browser settings yes, but not a router. That's just not possible because the router's iOs runs in Firmware. It can't be re-written with a virus.
Same with a video card by the way...
Thanks for the ping.
Tried this and it has worked so far. . .
Get Root !
Thanks for the ping!
I copy all the tools and suggestions and send them to a web-based e-mail that I can reference whenever I get to a pc that looks like toast...
keeps me up to date! some good webtools available..
I still find USB flashed superantispyware and windows defender/windows security essentials manage to remove the activity until you can hit it with everything you have...like malwarebytes, etc....
If it’s your router that’s been compromised and had its DNS servers redirected so you’re constantly browsing to the hacker’s chosen site, then we need to reset the router to factory original, then update the device. Hard reset, will be a small button somewhere on the router (depending upon your make/model).
If it’s your PC that is actually infected, first download AVG Free (I like it) and Microsoft Security Essentials (also free).
Then, BEFORE you install, disconnect from the Internet (unplug or turn off your WiFi), and shut down the computer. Then restart, run AVG Free, then run and install MSE.
THEN, and only then, reconnect to your router.
Then download new firmware for your router and install it. Reboot everything again, and you should be in the clear.
As another poster above mentioned, your router is most likely NOT infected, it’s probably just been reconfigured, so the reset - and updating the firmware - will fix that issue.
Maybe I missed it but what OS (including service Pack) are you running and which version of IE? What type of router do you have? Model and firmware?
Never heard of that one but got a copy. Thanks!
The Chuck Norris Computer virus doesn’t infect computers....
Computers just stop working in fear of getting it....
The malware changes the proxy setting in the browser to redirect all traffic for control. Eliminating the malware alone does not restore the browser to its original config.
Glad it helped you.
In my case the nuisance messages were popping up frequently, every minute in some cases. If I closed the pop-up, it would route my browser to porno sites. MalwareBytes did clean the rogue program and fix the registry (yes, the rogue program does a number on the registries, and also blocks out Windows Explorer, and will not allow you to go to the DOS prompt unless you are in the Safe Mode). It also corrupts Panda to the point it becomes inoperable, so a full uninstall, reinstall, and update of Panda or whatever internet security package you are using may be necessary.
This would be a first. Never seen a virus that infected a router.
No I don’t think it’s a first, and it infects the router from my experience. If I just wiped the hard drive the virus was still there. I had to wipe the hard drive and reset/turn off the router. I think it lodges in the RAM of the router. The redirect stays in the router unless you power down the router and kill the RAM. If you don’t do that you are just redirected to a server that reinfects you even if you kill the virus on the computer.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.