Hacked/Virus

[EJP]

I don't know how but someone has gotten into my home computer and messed it up. Some fake computer security device has installed itself onto my computer and now I have problems. Somehow some but not all my protection software has been turned off. I can't turn on many programs (Such as the add or remove program, firefox, or even the help and solution program.) and all my system restore points appear to be deleted leaving only one which is right when I started to have problems with my computer. I'm out of ideas as to how to fix it. So, any advice would be nice.

[Teh Donut]

So you got the Stronghold virus now too? What's your operating system, and what antivirus do you use?

[EJP]

I uses Windows XP on an old Dell computer from 2003 or 2004 (Around there). My anti virus protection software is spyware blaster and the my antivirus program is Spybot - Search & Destroy.

[Teh Donut]

So...am I right about it being the Stronghold virus? Sounds quite similar to what my sister had.

[EJP]

I don't know.

[Teh Donut]

Okay...find out. Try doing a file search on your computer for "SoftStronghold" without the quotes, or take a quick look in your program files for something similar. If it happens to be on there, that'll make this easier on me.

If that turns up nothing, then either describe exactly what's going on with your computer, or try to do some lookups on your own. I can't help you if I don't know what I'm up against, and if I don't know what I'm up against, then my methods could very well make your system unusable.

[EJP]

Well I've done some things that seem to have "improved" the current state of my computer. I wouldn't say I fixed it but its better than it was earlier today.... and as I type this I'm having to fight off a the fake security program that keeps popping up every few minutes.

The list of things I've been dealing with:
When I turn on safe mode my keyboard and mouse instantly stop working the second I click on something that involves typing.
The fake security program keeps turning itself on and maybe even just reinstalled itself since I deleted it earlier.
I cannot turn on the program need to turn check on my fire walls.
I cannot turn on the program to look for help as to fix my computer or any problem with it.
Anytime I click on firefox it says that the sever is down on my homepage even though as soon as I go to another site, everything is fine....... ish.
6 Trojans and 2 key loggers keep reappearing even though I've deleted them several times offline and they reppear while I'm offline.
Spyware blaster doesn't seem to be working at all, even though it says its working.
Spybot search and destroy keeps unimmunizing 1 host program which then moves onto 5 hosts programs and is probably unimmunizing more things as I type this since I'm online.
Everything seem to go to hell the second I plug my internet cable back in.

Thats what has been happening to me. If only I had some sort of tracking program to back trace all this crap back to the person who created it. Because if I find them, I will cut off their hands, feet, nose, and tongue with my machete and then patch them all up so that they would have to live with it.

[Teh Donut]

Yep, as I thought, you have a rogue anti-spyware/virus program on your computer. Exactly what does it say it is?

You weren't hacked. All it's doing is creating its own fake trojan/virus programs to find in an effort to scam you into giving money to the people who created it.

Most likely it infiltrated your computer through an ad on a site...it likes to do that, mainly because it's a scam program and the people behind it have the money to pay for said fake ads. hypertext is kinda dangerous like that, and is why we don't allow it on the boards (That, and I don't think it's possible with Proboards, even if we wanted it to be). Sadly, Spybot is a second-rate program that does poorly at live, real-time scanning of your computer. It's tricky to avoid, since programs like that'll download themselves without needing any real confirmation or input from you, so it's not exactly your fault.

[EJP]

It says "The "scan" has found 6 Trojans" on my computer and that a bunch of important programs have been infected. If I try to close or minimize the fake program it says to either keep scanning my computer, buy the full program, or if I already have bought the program to enter a activation key.

I read about this on Gaia (Asked for help there too. Only got a sticky with some information) and I did this download thing for advance infections. It's not bloody working. I got SmitfraudFix. I did all the scanning and fixing with it and nothing has changed. I tried to use the Microsoft reimager thing that just came out but the program fails to activate like many other basic security programs I've tried to check.

[Ninmast]

Ah, that virus has been going around. The shop's seen a dozen of them with that problem.

If it's gotten so far as to disable so much, try going into safe mode and seeing if System Restore will work from there. If not, you'll have to go to regedit and remove the entries one at a time. The problems will be in Local Machine and Current User, under Software > Microsoft > Windows. Look for anything marked antivirus. Anything in those sections or anywhere else that say things like DisableFirewall or DisableRestore or anything like that, delete it.

However, if it won't allow System Restore or regedit in Safe Mode, your system is too far gone and will have to be wiped and reinstalled.

In either case, whichever the outcome, always make sure your antivirus is the newest version and is up to date and allow it to scan regularly. Never open files or e-mails you don't recognize or go to potentially dangerous websites. One program that is praised for being good at catching and removing this thing (if you can get it early enough to do so) is MalwareBytes. I also encourage you to switch to a more dependable antivirus program, such as AVG 9.0 or Avast.

[Teh Donut]

*repeatedly slams head against desk* EJP, for the last time, what is the name of the f*ing rogue software. What does it call itself. Depending on what exactly it is, you might not have to wipe your system.

In the meantime, keep that computer disconnected from the internet. Go ahead and download one of those anti-virus programs Nin suggested to either a CD or a thumb drive from another computer. You'll need it later, regardless of if we wipe the system or not. Personally, I use AVG.

[EJP]

It calls itself "Your PC Protector" (I could have sworn I typed that earlier....). I found a website to use to remove it.... but I'm going to have to do so manually because this damn virus keeps turning things off. So far I cannot do anything with the run program. I'm trying to open up the registry but its not working. I've tried downloading a program to fix everything for me.... the program fails to turn on like so many others I've tried downloading.

Anyway, this is what I have and have been trying to do.
www.2-spyware.com/remove-your-pc-protector.html

Oh and Ninmast I can't do a system restore because the virus deleted all my restore points, leaving only one which is the day the virus started truly affecting my computer. My mom, without asking me about it, tried to do a system restore using the one and only restore point..... and it didn't restore things...... just like I predicted. Anyway, it looks like I'm screwed.

[Ninmast]

No, it didn't delete your system restore points. It disabled them. There's a difference. If the virus hasn't gone too far, you should still be able to access them from safe mode. Judging from what you've said so far, however, and that you are largely inexperienced with maintaining your own PC, I'm guessing it's already gone too far for that.

[EJP]

Thank you Donut and Ninmast for your help. But none of it ended up helping. To summarize what happen...

BLUE SCREEN OF DEATH!

So my home computer is dead and I don't when I'll be back online. On the upside my new computer should be ready soon. But on the down side, there will be no last The Sims 2 EAB story before I get The Sims 3.

[Ninmast]

Why get a brand new computer for that? Why not just reinstall windows on the first one?

And if you're going to get a brand new computer, make sure this one has adequate protection.