
Any technical wizards? Virus problem

Posted: Fri Nov 18, 2005 6:32 pm
by GroovyCarrot
Just on the off chance that anyone can help here, I've got a virus that brings up adware on startup (Zango installer atm) and as I'm browsing the internet, and it's disabled task manager (ctrl+alt+del), dos box, regedit and any other vaguely useful programs. I have norton 2003 with all updates and adaware (again with all updates), but they aren't getting rid of it. It keeps causing crashes as well (windows brings up messages saying that my computer has recovered from a serious error).
If anyone knows what this virus is or how to get rid of it I'd love to know..

Posted: Fri Nov 18, 2005 6:58 pm
by GTiPunk
You could use spybot S & D available at http://www.spybot.info/en/index.html which has zango listed as one of the threats it removes. It's free to download and use.

Posted: Fri Nov 18, 2005 7:05 pm
by mikegti
Apart from just removing it, you might try spyware blaster, which tends to stop these things being installed in the first place.

Posted: Fri Nov 18, 2005 8:10 pm
by polo69
Or if you can't remove it, back up your files and start afresh, I'm afraid.

If you haven't re-installed your operating system in 6 months then you should just do it, it will also clean out all the rubbish you have.

Posted: Fri Nov 18, 2005 9:41 pm
by Babe RuthLess
I'd say the other guys have got it nailed, Spybot S&D + Spywareblaster is a(n almost) killer combo, if you remember to update them at least once a week.

I'd also recommend you running some decent anti-virus (get a trial version of Kaspersky's at www.kaspersky.com), some spyware only shows up when you run a full scan (including file contents).

And if you're wiping everything out, then please grab a copy of SuSE Linux 10 or Kubuntu 5.10 and rid yourself of (most) internet malware for good. You can install one of those beside a Windows partition too.

Posted: Fri Nov 18, 2005 9:49 pm
by GroovyCarrot
Cheers for the help guys.. I've tried spybot s&d which picked up a few infections, got rid of all but one which it can't remove (claims it's already in memory even when I run the program on startup), the infection is called LSA and apparently has two registry entries which can't be removed. I've tried removing them manually but I can't find them in the registry :?
Although the Zango installer seems to be part of the infection, I haven't let it actually install Zango so that doesn't get picked up.. it's obviously just a bundled part of another virus.
I'm using Norton AV 2003 fully updated, it's about the most up to date virus scanner I have, but I'll give Kaspersky a shot (never heard of it before!).
I've had this infection a few times before, usually immediately after installing windows so I just wipe it and start afresh.. but now I've had this install running for just long enough that I've got all my settings just how I like them, and I don't much want to start afresh yet again, I've already done it about 5 times since arriving at uni in september. If it comes to that though, I guess it'll have to be done.
I've dabbled with linux a few times in the past, never really had the patience to learn to use it properly. I should be getting a laptop next week though so I might install it on the PC and have another shot at it, nothing to lose that way :)

Thanks again for the advice!

Posted: Fri Nov 18, 2005 10:01 pm
by GaryUK
You should try Microsoft Antispyware here

and try a mcafee online scan here

They both work for me.

oh and as well as infecting your computer with viruses, porn also makes you go blind! :P

Posted: Fri Nov 18, 2005 10:22 pm
by GroovyCarrot
Damn.. so that's why I need glasses.. :lol:

Posted: Fri Nov 18, 2005 11:28 pm
by ModifiedMadness
GaryUK wrote: You should try Microsoft Antispyware here

and try a mcafee online scan here

They both work for me.

oh and as well as infecting your computer with viruses, porn also makes you go blind! :P
Don't listen to him, I can see fine.... Who put that door there :lol:

Posted: Fri Nov 18, 2005 11:38 pm
by Si_GTi
GC. Try booting your PC into Safe Mode and running SpyBot from there. It will be able to remove malware/adware that is otherwise tied into your system files and can't be removed when in normal operating mode. Assuming you are running XP of either flavour (Home or Pro), restart your PC and press F8 repeatedly after the initial POST screen disappears and you should find the boot menu will be displayed, from which you can scroll up and select Safe Mode.

If you're using Ad-Aware, download the VX2 plugin for it from lavasoft's website at www.lavasoft.de, as it's most incredibly useful in extending Ad-Aware's scanning range :)

Hope you can kill the infection off, if not get back to us and we'll try something else :wink:

Posted: Sat Nov 19, 2005 12:52 am
by Tahrey1043
What up groovers ... my take on it (building up of a reasonably adware/virus secure system from a clean starting point)

Drop all your essential files (ie anything you want to keep) onto a CDR / DVDR. Gather your installer discs for EVERYTHING. Also download & burn various utilities - spybot, ad-aware, a good antivirus (not. bloody. norton. --- try AVG or Avast!, both very good, well regarded, and more to the point.. FREEEEE!!) and, if you don't have a hardware one (and if you find XP's to be naff, if you're running that), a firewall like Zonealarm... etc etc :)
Oh and partition magic perhaps.
And all your up to date drivers, of course.

Do the download/burn off someone else's clean machine if at all possible.

Also while there make a suitable command-line bootdisc that doesn't load anything from the HD. Floppy is ok, but bootable CD seems to be where it's at now (e.g. even my win98 install disc allows this..), though you might need to alter BIOS settings to make it work.

Basically the boot disc needs to allow you to 1. Wipe the hard disc completely without reading anything from it, at all, apart from the basic partition information, 2. Kickstart the operating system installation process.

I don't know what an XP equivalent might be, but FDISK on win98 is simple and reliable enough; needs updated for large discs though, and can't handle anything over 120Gb even then (or 250Gb, when split into two drives, neither larger than 125 gig). Alternatively, partition magic.

Being double sure it's all backed up (double check there isn't a manufacturer-provided D: drive or whatever that has re-install and driver files on), wipe the lot in the shortest simplest possible manner. Reboot. Go into the utility again and create the partition table (the reboot isn't necessary, but helps make sure nothing residual lurks), then format the drive or drives as appropriate.

If possible during the installation process, leave the computer disconnected from the net (is that possible when installing XP?). Load the operating system at the most basic possible level (with all your desired options turned on), then have a quick temp-file cleanup, defrag etc. Load all your drivers (and repeat clean/defrag). Then the firewall, antivirus, anti-spy/malware tools (another clean/defrag), office/etc, any other software (final cleanup etc). THEN plug your internet back in and install any stuff relevant to that, only once the machine is clean and protected.

Always use Spybot's Inoculation function, btw.

Posted: Sat Nov 19, 2005 1:13 am
by mysteryboy
what do these little geeks get out of creating viruses....
little cheap thrill.... I'd love to get hold of one & smash his little head in...
I've had a virus called "Bloodhound" and still may have it..... it's a real b!tch... Also I get porn popping up... usually happens when I do a search in google & click on one of the links.... NOT IMPRESSED...Especially if my dad or someone is around...

Posted: Sat Nov 19, 2005 4:48 pm
by GroovyCarrot
Thanks everyone.. I'll give safe mode and a blast with every nasty software remover known to man another shot, then I think it may come down to wiping everything completely and starting afresh. It's just a bit awkward to completely start over, I can't feasibly backup 20gb of mp3's onto cd-r's for a start, plus there's always something I overlook when wiping things. Also, booting from the win98 cd (only cd I have that is bootable and will give me a command prompt) screws things up because it can't recognise my 80gb hdd. Is there any useful bit of software that will create a bootable cd with the kind of magical powers required to recognise and play around with a disc of that size? fdisk is also hopeless in every sense of the word, and I can't remember what I've done with my copy of partition magic. It's all just a bit awkward really. Think I might just wait for the laptop to arrive, whack some decent anti-virus/spyware software on it before it has a chance to catch its breath, copy all my stuff over and then wipe the PC completely and have a play around with linux.. seems like a far more sensible option at the moment.

Posted: Mon Nov 21, 2005 2:49 am
by Tahrey1043
20gb of MP3s onto CDR is only like a single 25 disc cake.... you have at least a 16x burner, right?

you could do with having them archived in case of hard disc blowup anyway :)

i've got about 150 of the things if not more - and the first 30 odd were made with a 6x burner (that was only reliable at 4x by that point ... heck used to back up a 13gb disc 1:1 onto 20CDRWs semi-regularly using that thing, swap discs whilst doing work or browsing web)

it'll be a couple hours and you're all done and you won't have to worry about them again.

reminds me, i've got a couple gigs of stuff to offload onto CDR before punting them from the "not burnt" to the organised folder tree!

Funny that your boot disc wouldn't recognise your large drive, i'm pretty sure that when i last did a shakeup of my PC, it had no trouble with my "250"gb (~235) one, as above split up (actually several smaller partitions in the first 120gb, then one enormous drive in the last 120). Are you actually running XP on NTFS or something instead?

The "original" FDisk IS rubbish, but you need to download the upgraded version from the MS website, or probably available on any number of free windows accessories sites, that can cope with >8gb and >127gb discs.

Posted: Mon Nov 21, 2005 3:35 am
by PhilGTi
Download Kaspersky antivirus, it's the shizzle.

It will sort you out no problemo ;)