Need some serious computer help.

Discussion in 'General Discussion' started by Kickback, Oct 18, 2008.

  1. Kickback

    Kickback Proud father Administrator Super Mod News Staff

    Joined:
    Jun 25, 2002
    Posts:
    40,257
    News Credits:
    2
    Trophy Points:
    347
    Location:
    Denver, CO
    Likes:
    +13
    Twitter:
    Instagram:
    Tumblr:
    So my friend was browsing my computer while I was gone (just MySpace apparently) and somehow the virus "XP Antispyware 2008" got installed and has really fucked up the computer.

    I've deleted the registry entries that I can find as well as most files, but my Internet Explorer is now all fucked up (running as "No Add-Ons") and it somehow shut off my permissions to view my own Task Manager.

    Can someone help me? :( 
     
  2. Dark_Convoy

    Dark_Convoy Old Bastard Veteran

    Joined:
    Jul 1, 2002
    Posts:
    17,201
    Trophy Points:
    271
    Likes:
    +0
  3. ShortCircuit

    ShortCircuit Decepticon

    Joined:
    Nov 28, 2006
    Posts:
    1,698
    Trophy Points:
    126
    Likes:
    +0
  4. McBradders

    McBradders James Franco Club! Moderator

    Joined:
    Sep 17, 2002
    Posts:
    34,131
    Trophy Points:
    286
    Likes:
    +0
    Jeez, MySpace is a hole, my girlfriends lappy suffered from something very similar not so long ago.
     
  5. Kickback

    Kickback Proud father Administrator Super Mod News Staff

    Joined:
    Jun 25, 2002
    Posts:
    40,257
    News Credits:
    2
    Trophy Points:
    347
    Location:
    Denver, CO
    Likes:
    +13
    Twitter:
    Instagram:
    Tumblr:
    Okay. Update.

    IE is destroyed. Dunno how I'm gonna fix it. Firefox has been my hero. 99.9% of the malicious software is now gone. However, I can't seem to get rid of the annoying every 5 second Windows pop ups telling me I have malicious software and I need to download something.

    So far, it looks like:

    braskt (registry)
    braskt.exe (two files)
    karna.dat

    ...are causing the fake alerts. Gonna try a few more things. Any other suggestions?

    Spybot failed btw.
     
  6. MegaMoonMan

    MegaMoonMan www.megamoonman.com TFW2005 Supporter

    Joined:
    Jul 13, 2004
    Posts:
    17,237
    News Credits:
    3
    Trophy Points:
    322
    Likes:
    +31
    Ebay:
    YouTube:
    Hijackthis might help - just be careful what you tell it to erase.
     
  7. cobra zartan

    cobra zartan Think's He's a Detective.

    Joined:
    Feb 4, 2006
    Posts:
    6,344
    News Credits:
    16
    Trophy Points:
    232
    Likes:
    +19
    download this smitfraud fix from the link below

    SmitFraudFix

    boot into safemode and run the file and you should be back to normal.
     
  8. MegaMoonMan

    MegaMoonMan www.megamoonman.com TFW2005 Supporter

    Joined:
    Jul 13, 2004
    Posts:
    17,237
    News Credits:
    3
    Trophy Points:
    322
    Likes:
    +31
    Ebay:
    YouTube:
    I tried that for fun - it wouldn't run; it says the process.exe file is missing, when it's right there.
     
  9. cobra zartan

    cobra zartan Think's He's a Detective.

    Joined:
    Feb 4, 2006
    Posts:
    6,344
    News Credits:
    16
    Trophy Points:
    232
    Likes:
    +19
    Thats odd MMM it just worked for me. This is one of the tools I use at work when I am doing system cleanings and I have never had any issues except for some antivirus programs stop the script from running.
     
  10. Zathras

    Zathras Vive le Quebec Libre

    Joined:
    Nov 8, 2002
    Posts:
    1,764
    Trophy Points:
    177
    Likes:
    +4
    My uncle had this spyware on his pc last week.

    Windows Defender (from microsoft website) and the free trial of AVG cleaned the PC up.

    You can try Housecall from Trendmicro (online scanning tool) as well
     
  11. ShortCircuit

    ShortCircuit Decepticon

    Joined:
    Nov 28, 2006
    Posts:
    1,698
    Trophy Points:
    126
    Likes:
    +0
    look for braskt in your startup

    click start, run, type MSCONFIG, click startup maybe in your startup menu

    open task manager first, kill braskt then proceed.

    delete in both c:windows/system32

    Other files associated with this karna.dat, wini104552663.exe
     
  12. Scrappy

    Scrappy smiling a blacktooth grin

    Joined:
    Aug 4, 2007
    Posts:
    414
    Trophy Points:
    76
    Likes:
    +0
    Kickback, my mother faced this exact same virus.

    I used AVG to stop the malicious popups. I can't say for certin if it actualy deleted and removed the file but all I know is that the problems stopped.
     
  13. Chaos Muffin

    Chaos Muffin Misadventure Veteran

    Joined:
    Mar 26, 2004
    Posts:
    28,751
    Trophy Points:
    322
    Likes:
    +4
    Thinking about installing a ghost drive for stuff like this
     
  14. Darkravager

    Darkravager Zombie Hunter

    Joined:
    Jan 31, 2004
    Posts:
    6,293
    Trophy Points:
    211
    Likes:
    +1
    My wife got something like that on our laptop not long ago. AVG took care of it for me too.
     
  15. Kickback

    Kickback Proud father Administrator Super Mod News Staff

    Joined:
    Jun 25, 2002
    Posts:
    40,257
    News Credits:
    2
    Trophy Points:
    347
    Location:
    Denver, CO
    Likes:
    +13
    Twitter:
    Instagram:
    Tumblr:
    Here's the full details of what happened:

    A friend who is staying with me was on MySpace and Yahoo! E-mail. Something happened and it downloaded "XP Antispyware 2008" and did the usual replace your desktop with its own image, start trying to download "protection programs", etc.

    First thing I decide to do is CTRL/ALT/DEL ... but this thing disabled it. Mother fucker. Try to run AVG ... won't allow it to boot up. Do some research, discover the best utility to use to clean up a lot of the extra junk is Spy Hunter 3, so I get a copy of that, cleans out 99% of my problems.

    Also try RougeFix to try and fix up some of the startup values, though it didn't really help all that much. ShortCircuit is a GOD though, as his recommendations helped me more than anything I found on the web.

    It wasn't pop-ups ... it was "Windows Alerts" from the right corner of your screen saying "OMG, You have malicious software! Windows will now download..." type of crap. Killing task braskt.exe seems to have worked, as now it runs all fine and dandy and nothing is giving me issues.

    My last problem...

    Internet Explorer looks to be stuck now as "Internet Explorer With No Add-Ons" ... and I can't seem to switch it back, as the settings are set to allow add-ons. Is IE a lost cause for me? And should I have been using FireFox in the first place?

    Thanks guys :) 
     
  16. Zzeezz

    Zzeezz Ambassador of Music TFW2005 Supporter

    Joined:
    Mar 25, 2003
    Posts:
    1,326
    Trophy Points:
    211
    Likes:
    +0
    I was able to get rid of it with spybot, but it took some work. Ran it once, rebooted in safemode, ran spybot twice, rebooted again in normal mode and it was fine.
     
  17. Dark_Convoy

    Dark_Convoy Old Bastard Veteran

    Joined:
    Jul 1, 2002
    Posts:
    17,201
    Trophy Points:
    271
    Likes:
    +0
    Must be ugly - spybot has never failed me in the past. :( 
     
  18. llamatron

    llamatron Shut up, Nigel. TFW2005 Supporter

    Joined:
    Jul 11, 2002
    Posts:
    8,971
    News Credits:
    9
    Trophy Points:
    262
    Likes:
    +15
    Yes.

    Yes.




    The easiest way to really fix this problem for good is to reformat. A bit of a pain, yes, but it gets the job done.
     
  19. ShortCircuit

    ShortCircuit Decepticon

    Joined:
    Nov 28, 2006
    Posts:
    1,698
    Trophy Points:
    126
    Likes:
    +0
    Ive noticed IE installs a shortcut sometimes to "run with no-add ons"

    maybe the virus renames the properties of IE shortcut you were used to opening/originally had on your desktop to run the NO ADD ON one.


    this MAY help get your addons back.

    How to manage Internet Explorer add-ons in Windows XP Service Pack 2

    try not to restart the computer if you dont have to.

    last resort uninstall IE and reinstall. try to anyway..
     
  20. getoninja

    getoninja 1# Porno Moderentor

    Joined:
    Jul 4, 2002
    Posts:
    1,308
    Trophy Points:
    176
    Likes:
    +0
    Kickback, If you havnt done so, run your PC in Safe Mode, hold F8 when you turn or restart your PC. Then re-run all those spyware programs like AVG, Spybot and such.

    Those spyware programs wont run in the backgroud in safemode, easer to remove.

    And if you do use Hijackthis, you should do reserach before hand what to remove.
    hope this helps
     

Share This Page