Problem with Computer

Post Reply New Topic

Hi, my mom's been having a problem with her computer

Apparently my sister clicked on something and now the wallpaper's been replaced by an ad for something called livesecuritycenter.com, there's fake warnings in the task bar and when I try to open the task manager it proclaims its been "disable by your administrator" (my mom IS logged in as administrator)
I've uploaded AVG, Ad Aware and SuperAntiSpyware on it and none of them can find it.

My stepfather had previously removed Norton Antivirus, because he thought it was a virus called "Norton Anti".

Try Spybot S & D www.safer-networking.org
Also try avert stinger vil.nai.com/VIL/STINGER/
See if you can get Norton back on computer as well. Do you have AdAware 2007?

Sounds like your PC got subject to the WMF image exploit. To be honest you probably could clean that stuff off your system but it would probably leave alot of crap embedded in your system registry, if you still have the original windows discs you're probably best off to just backup your data then format and reinstall your operating system. After that get yourself some decent anti virus and be sure to keep your PC patched up with the latest microsoft updates (assuming you use windows).

Norton Antivirus is a waste of money and leaves you as good as unprotected, McAfee is no better. If you want good anti virus security then have a look at Kaspersky, its good and its decently priced as well pretty cheap for a 1 or 2 year license, obviously also gets some anti spyware software like AdAware.

You can get a fix for the WMF exploit here:
http://www.microsoft.com/technet/securi ... 6-001.mspx

Btw the WMF exploit is basically a vulnerability in the windows graphics format that allows a malicious user to embed self executing code into an image, when you open the image the code runs without restriction by protection software it gets ignored by anti virus and can just take control of your PC and change anything it wants which is what sounds like happened to you (ive had the same thing happen to me before as well).

Of course the other fundamental aspect to PC security is make sure the people using the system know not to open unsolictied email or download attachments from people they dont know or click links sent to them etc etc

reboot in safe mode, then remove it.

I would suggest a boot time virus scan as well...
I know it can be done with avast.

you might also get some use from this tool

http://www.precisesecurity.com/tools-re ... tfraudfix/

followed by replacing your default hosts file with one that blocks bad domains more info here

http://www.mvps.org/winhelp2002/hosts.htm

I must remind you this is NOT one of my computers. My Windows XP has alot of anti-spyware and anti-virus programs and my other one runs Linux.

My mom has no clue how to even use a computer at all, it's mainly for my two younger sisters. I just want to do something to get it off so they can stop calling me.

ok, sounds like one good route to take is check the computer with Spybot Search and Destroy, and remove the problem with that

ONLY reformat it if there is no other choice

on a side note, had this happened to someone in my family (I've already had their computer up at my house once), I would fix it

I fixed it by using a program called Malwarebytes' Anti-Malware. The wallpaper is back up to the one of the Newport Bridge she has up (I don't know why she has that considering the bridge is litterally within a walking distance of the house) and the warnings have disappeared. I put AVG on it just in case.

I gaurantee it came from someone clicking on a fake "you have a virus!" pop up considering that my mom, stepdad and two sisters know very little about computers (myself, my two oldest sisters and my dad know more) and my 16-year old sister is gullible enough to fall for the "Pop 10 Balloons for a Free iPod" ads on MySpace.