Go Back  DVD Talk Forum > General Discussions > Tech Talk
Reload this Page >

A virus/trojan desguised as an ANTIVIRUS! Need help!

Tech Talk Discuss PC Hardware, Software, Internet and Other Technology

A virus/trojan desguised as an ANTIVIRUS! Need help!

Old 02-13-10, 12:01 AM
  #1  
DVD Talk Ultimate Edition
Thread Starter
 
Join Date: Mar 2003
Location: A National Park
Posts: 4,964
Likes: 0
Received 0 Likes on 0 Posts
A virus/trojan desguised as an ANTIVIRUS! Need help!

Ok I got this fucking thing on mylap top and I dont know how. I think I was rushing in a pissed mood and it popped up. I thought it was my virus thing so I oked it, than I saw it opened something that wasnt mine so I stopped it.

It wont let me open task manager, IE, CCLeaner, NOTHING! Ive tried troubleshooting it and fixing it. Now there is a symbol where my VS is and its a green sheild with a checkmark. Whenever I try to open anything it tells me that the file is infected and will not open , than it opens up some bogus "buy this program to clean the file"

The ONLY thing that works is on a boot, press A+C+D and than ending the task of a file called "nemjsftav.exe"

Than everything is fine. However I cant search for this and delete it completly. Every time I reboot, the problem is there. When I hibernate after clearing it, everything is fine. I tried Norton, CC, Virus Doctor, Maleware and theyre finding nothnig. Also, System Restore is NOT working for me, I dont know why.

HELP!
Old 02-13-10, 12:17 AM
  #2  
DVD Talk Legend
 
Join Date: Oct 2001
Posts: 17,937
Received 18 Likes on 16 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Originally Posted by Ravenous View Post
I tried Norton, CC, Virus Doctor, Maleware...
Well, I don't know about this "Maleware" program you used, but did you try Malwarebytes AntiMalware?
http://fileforum.betanews.com/detail...e/1186760019/1

Also, if the program can be terminated via taskmanager, it seems like it could be removed manually with HijackThis:
http://free.antivirus.com/hijackthis/
Old 02-13-10, 12:20 AM
  #3  
DVD Talk Ultimate Edition
Thread Starter
 
Join Date: Mar 2003
Location: A National Park
Posts: 4,964
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Yea thats whay I used, Malwarebytes AntiMalware. It found 1 thing, and it wasnt the problem.

I just noticed that IE does not work at all for me. It opens with a white screen that says it couldnt open due to "connection problems" I always used Firfox so I didnt know until now, I dont know why its like that, nor how to fix it. Ffox is working however.

I will try Hijack now.
Old 02-13-10, 12:34 AM
  #4  
DVD Talk Ultimate Edition
Thread Starter
 
Join Date: Mar 2003
Location: A National Park
Posts: 4,964
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Hijack found 2 files with the nemjsftav.exe

I did the Analyze this and it said it deleted them. Now to reboot and see if it works.
Old 02-13-10, 12:39 AM
  #5  
DVD Talk Ultimate Edition
Thread Starter
 
Join Date: Mar 2003
Location: A National Park
Posts: 4,964
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Okay after the reboot. It seems to be working. Im still skeptical though cause its been fucking with me all day and I am soooooo stressed. I have my fingers crossed.

My Internet Explorer still doesnt work as it theres no internet connection. Any ideas how to fix that?
Old 02-13-10, 12:49 AM
  #6  
Banned
 
Join Date: Oct 2006
Location: The People's Gaypublic of Drugifornia
Posts: 1,462
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Yeah, I've had this a couple of times. The first time it got so crazy that I just reformatted and put everything back on, (I've got everything backed up and it's pretty easy to install everything again-just takes time). The second time, I was able to use SUPERAntiSpyware Professional in safe mode and it took care of everything - www.superantispyware.com. That's the one I would recommend.

These things are getting pretty nasty. Number one thing to remember, if you're on a site that you're not absolutely sure of and you get a pop up that asks yes or no, never click it at all. Get to the task manager and end that task as quick as you can.
Old 02-13-10, 12:57 AM
  #7  
DVD Talk Godfather
 
fumanstan's Avatar
 
Join Date: Oct 2002
Location: Irvine, CA
Posts: 55,344
Likes: 0
Received 2 Likes on 1 Post
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Originally Posted by Ravenous View Post
Okay after the reboot. It seems to be working. Im still skeptical though cause its been fucking with me all day and I am soooooo stressed. I have my fingers crossed.

My Internet Explorer still doesnt work as it theres no internet connection. Any ideas how to fix that?

Recently my GF's boss had a similar issue with her home computer. One of the fake AV programs out there was screwing with IE's proxy settings. Try checking that out.... it's in Tools, Internet Options, Connections, LAN Settings. Make sure it isn't pointing to something weird.
Old 02-13-10, 01:21 AM
  #8  
DVD Talk Hero
 
Josh-da-man's Avatar
 
Join Date: Sep 2000
Location: The Bible Belt
Posts: 31,690
Received 19 Likes on 15 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

I think that the death penalty should be applied to whoever writes these things. Don't even go to trial, just have the Secret Service find them, drag them out to the nearest parking lot, and put a bullet in the back of their head.
Old 02-13-10, 02:00 AM
  #9  
DVD Talk Hall of Fame
 
Join Date: Jan 2000
Location: Somewhere out there... YES THERE!!!
Posts: 7,936
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

sounds like good old smitfraud.. When I did tech support we would restart in safe mode, do a scan with smitfraudfix. http://siri.geekstogo.com/SmitfraudFix.php

this works on all those stupid fucking programs like Winantivirus 2009 and so on that do exactly what you say.
Old 02-13-10, 07:14 AM
  #10  
DVD Talk Hero
 
Join Date: Aug 2001
Location: in da cloud
Posts: 26,196
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Originally Posted by Josh-da-man View Post
I think that the death penalty should be applied to whoever writes these things. Don't even go to trial, just have the Secret Service find them, drag them out to the nearest parking lot, and put a bullet in the back of their head.


And yet after all these years people still willingly install software that puts malware on their computers
Old 02-13-10, 08:08 AM
  #11  
DVD Talk God
 
twikoff's Avatar
 
Join Date: Feb 2000
Location: Right Behind You!!!
Posts: 79,497
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

im a fan of malwarebytes antimalware, but it hasnt been 100% effective for me lately

Ive been using rkill (which stops all malicious processes)
then combofix (which kicks the ass of any problems)

that combo is quick and easy and so far 100% effective
Old 02-14-10, 05:20 PM
  #12  
DVD Talk Limited Edition
 
Join Date: Aug 2000
Location: DVDTalk's Surgeon General
Posts: 5,521
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Oh and for the future, create a user that is not an administrator, and use that account when surfing. That way you cannot install programs...
Old 02-14-10, 06:03 PM
  #13  
DVD Talk Legend
 
Dr Mabuse's Avatar
 
Join Date: Jun 2007
Location: 75 clicks above the Do Lung bridge...
Posts: 18,950
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Or run Spyware Doctor for $30 a year and quit wasting time dicking around with free programs, and hijack this, and etc, that are far less effective than just preventing this stuff in the first place with first rate software.

Especially when you use IE as your browser.
Old 02-14-10, 06:56 PM
  #14  
DVD Talk Legend
 
Join Date: May 2007
Posts: 11,496
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Originally Posted by Dr Mabuse View Post
Or run Spyware Doctor for $30 a year and quit wasting time dicking around with free programs, and hijack this, and etc, that are far less effective than just preventing this stuff in the first place with first rate software.

Especially when you use IE as your browser.
Does that work as an antivirus program too or do you still need norton installed?
Old 02-14-10, 07:46 PM
  #15  
DVD Talk Legend
 
Join Date: Jan 2000
Posts: 16,173
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Originally Posted by Dr Mabuse View Post
Or run Spyware Doctor for $30 a year and quit wasting time dicking around with free programs, and hijack this, and etc, that are far less effective than just preventing this stuff in the first place with first rate software.

Especially when you use IE as your browser.


Don't be fooled into thinking one program makes you bulletproof either...
Old 02-14-10, 08:11 PM
  #16  
DVD Talk Legend
 
Dr Mabuse's Avatar
 
Join Date: Jun 2007
Location: 75 clicks above the Do Lung bridge...
Posts: 18,950
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Originally Posted by mhg83 View Post
Does that work as an antivirus program too or do you still need norton installed?
Keep Norton, when your subscription runs out on Norton, uninstall it fully and go get 'Avira Antivir Premium'(google it) to replace it. It's around half($26)the price of Norton now, and is simply a far better product.

Avira and Spyware Doctor get along real well together. Both companies are well aware of each other as many people run that combination, including me on all my Wintel systems.

Originally Posted by 4KRG View Post


Don't be fooled into thinking one program makes you bulletproof either...
Bulletproof? I said nothing of the sort and you know it.

The simple fact is: Spyware Doctor is far more effective at prevention and/or removal of a malware problem than any of the free programs tossed around by the many 'techies' on various forums as solutions to problems that have already occurred. It's the best program there is for the prevention of spyware/malware now, and has been for a good while.

Now back to the usual combofix/AVG/malwarebytes/hijack this/spybot/ad aware/etc 'techie' stuff. They all come up so often in threads where people who were already infected looked for a solution.
Old 02-14-10, 10:19 PM
  #17  
DVD Talk Legend
 
Join Date: Oct 2001
Posts: 17,937
Received 18 Likes on 16 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Originally Posted by Dr Mabuse View Post
Now back to the usual combofix/AVG/malwarebytes/hijack this/spybot/ad aware/etc 'techie' stuff. They all come up so often in threads where people who were already infected looked for a solution.
They come up so often because they're free. Most people don't want to recommend "go spend (an additional) $56 on these two programs" as a solution when someone comes looking for help, even if those programs may be better than the free solutions at prevention.

Malwarebyte's free version is a good malware scanner/remover, so is a good recommendation for someone just looking to remove an infection they already have. HijackThis is a useful tool for manually diagnosing an infection that malware scanners have missed (because it's new or rare, or plays trick on particular anti-malware programs, etc.).

Paid anti-malware programs often have more features than their free counterparts, and those features can help at protection/detection. However, free utilities have their place, especially when the paid programs have failed (which they inevitably occasionally will).
Old 02-14-10, 10:29 PM
  #18  
DVD Talk Legend
 
Join Date: Jan 2000
Posts: 16,173
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Originally Posted by Dr Mabuse View Post
Bulletproof? I said nothing of the sort and you know it.
Step back and be a n00b for a minute and now re-read your post. You didn't say "bulletproof", you implied with your lack of words that this 1 product was all you needed.

The simple fact is: Spyware Doctor is far more effective at prevention and/or removal of a malware problem than any of the free programs tossed around by the many 'techies' on various forums as solutions to problems that have already occurred. It's the best program there is for the prevention of spyware/malware now, and has been for a good while.
The fact is Spyware Dr use to be a horrendous piece of shit

It is ONLY with the release of the NEWEST version of Spyware Doctor with AV has it become a serious contender. Even the monetarily persuaded folks at PCworld reviewed it poorly in 2005

http://www.pcworld.com/article/12053...est_tests.html

So far this newest version and only this version are worthwhile

Spyware Doctor with AntiVirus 2010

http://www.pctools.com/spyware-docto...av-7_text_1-10

Now back to the usual combofix/AVG/malwarebytes/hijack this/spybot/ad aware/etc 'techie' stuff. They all come up so often in threads where people who were already infected looked for a solution.
I am not going to get buried in details and finer points here, but many of us really know how to use some of these tools and while they are not meant for n00bs, in seasoned hands they can be very effective.

I will give ONE clear example of what I mean. If you baseline Hijack this on your machine, it gives a great QUICK comparison to settings that may have changed on your machine from the baseline to today.

Not all of the tools are good, not all of the tools are good for every type of infection. Many have a purpose and serve that purpose well. It is a matter of the correct tool for the correct job, no one size fits all in the malware/virus world anymore.

I admit that I use automated "idiot" tools as wave 1 on figuring out what a machine might be infected with. I always fall back on manual tools to make sure they are gone. *IF* some of those manual tools happen to be freeware, I don't take that to mean they are crap. Many really good pieces of software are free and many pieces of pay software are crap. The price does not make the product.

These days however, infections of crap have become so advanced that if I care at all about the machine or the person using it, I wipe and reload.

If ANYTHING found it's way on to my machine, I would re-image without even blinking. I am setup for that, I know most people are not.

I have advised many people to just buy new machines when their 4 year old XP machine has become infected with something. Time for an upgrade anyway, and with what they would pay in labor to 'fix' the old machine, just isn't worth it. New hardware being so cheap and Windows 7 being such a worthwhile upgrade... (of course this doesn't apply to people like you that spend $15k on a machine)

I understand many here would rather spend a month of their own labor trying free tools before giving in to a reload Just don't fill out any credit apps while your OS is in a questionable state.
Old 02-15-10, 09:23 AM
  #19  
DVD Talk Legend
 
Dr Mabuse's Avatar
 
Join Date: Jun 2007
Location: 75 clicks above the Do Lung bridge...
Posts: 18,950
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Well... I see what you are saying.

To say only the latest version is worthwhile is nonsense btw.

Spyware Doctor was pulling ahead of the pack and getting 'the best we've ever tested' and 'the best we've ever seen' reviews/awards in 2007 and 2008. Including PCMagazine's and other 'editor's choice' awards and etc in those same years. I would say it's been the best since 2007.

You had to go for the $15,000 dollar thing...

I get so sick of noobs throwing around 'gaming machine' and 'workstation' terms about/on low end systems. Sticks in my craw.
Old 02-15-10, 11:22 AM
  #20  
DVD Talk Legend
 
Join Date: Oct 2001
Posts: 17,937
Received 18 Likes on 16 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Originally Posted by shadowhawk2020 View Post
Oh and for the future, create a user that is not an administrator, and use that account when surfing. That way you cannot install programs...
This isn't strictly true. Programs can be installed under Limited User Accounts (LUA), but they're limited to installing in the userland, as well as limited to what they can access. Most programs require administration privileges to install though, so working under a limited account can stop most malware as well.

However, running under aLUA can cause issues with legit programs that need administrator access, and of course installing programs. You also can't access and change most system settings. A solution for XP users is to use the free, open source utility SuRun, which lets you run select programs as administrator while in a LUA. Below are some links on how to set this up:
http://www.dedoimedo.com/computers/surun.html
http://www.wilderssecurity.com/showt...10#post1190510
http://www.wilderssecurity.com/showthread.php?t=200772
Old 02-15-10, 11:50 AM
  #21  
DVD Talk God
 
twikoff's Avatar
 
Join Date: Feb 2000
Location: Right Behind You!!!
Posts: 79,497
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

one thing i have learned about malware/adware/etc is that what is best today, wont be best in 6 months..
some move ahead, others fall behind, some even get targetted

i use what works, and because of this would not recommend paying for a solution
Old 02-15-10, 03:25 PM
  #22  
DVD Talk Godfather
 
fumanstan's Avatar
 
Join Date: Oct 2002
Location: Irvine, CA
Posts: 55,344
Likes: 0
Received 2 Likes on 1 Post
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Personally, I would say the free programs out there knock out over 95% of the stuff that people get infected with and it makes sense to start with those, especially since even the best paid programs can miss something. I can't imagine recommending someone go and pay money if something free can do the trick first.
Old 02-15-10, 04:20 PM
  #23  
DVD Talk Legend
 
Join Date: Jan 2000
Posts: 16,173
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

Originally Posted by Dr Mabuse View Post
Well... I see what you are saying.

To say only the latest version is worthwhile is nonsense btw.

Spyware Doctor was pulling ahead of the pack and getting 'the best we've ever tested' and 'the best we've ever seen' reviews/awards in 2007 and 2008. Including PCMagazine's and other 'editor's choice' awards and etc in those same years. I would say it's been the best since 2007.
IMO - there is not a 'The Best' - it's just me and I won't change

There is USUALLY a 'The Best' for each specific malware, just not one for all in any year at any time.

You had to go for the $15,000 dollar thing...
Had to, yep

I get so sick of noobs
Yes, I am sick of n00bs too


and a thumbs up to twiky and funmanstan - it changes so fast that from week to week you need different tools to win the battle and some of the pay versions can't keep up.

Last edited by 4KRG; 02-15-10 at 04:24 PM.
Old 02-15-10, 04:28 PM
  #24  
DVD Talk God
 
twikoff's Avatar
 
Join Date: Feb 2000
Location: Right Behind You!!!
Posts: 79,497
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

this is the internet, i have a hard time recommending anyone pay for anything you can get for free
**stands next to name and blocks top hat**
Old 02-15-10, 05:16 PM
  #25  
DVD Talk Legend
 
Dr Mabuse's Avatar
 
Join Date: Jun 2007
Location: 75 clicks above the Do Lung bridge...
Posts: 18,950
Likes: 0
Received 0 Likes on 0 Posts
Re: A virus/trojan desguised as an ANTIVIRUS! Need help!

My porn surfing friends who surf like morons on IE6 and the like all run Spyware Doctor, I have never seen a system have a problem under that scenario. They run it because I told them to, so I don't have to fix their shit all the time.

I have taken my 'goof around' system to all kinds of sites browsing with IE, deliberately clicked on malicious 'check your system' pop ups, clicked on banners, swatted flys, all kinds of stuff. All manner of attempts to deliberately infect the system. I wasn't able to do so while running Spyware Doctor.

Later during a scan Spyware Doctor merely alerted me of the attempt and removed the traces, along with the cookies from that site and any other tracking cookies.

I pay $30 a bucks a year and have never had single malware issue since... since 2006 when I started running Spyware Doctor. My noob friends, people around the internet, family, etc, never have either.

It's not bulletproof, nothing is. But all this nonsense of 'changes every 6 months' is just that, complete nonsense. Free software doesn't have even a 50th of the talent and resources brought to bear on being kept up to date.

Add Avira and Avira Premium's 'Web Guard' will block a website from loading if the page or any ad on it has suspicious code, you have to choose to load it over two warnings. You add that to the mix and it troubles with malware are virtually a non-issue. They have been for years for me, family, friends, people on forums I know who run it, etc.

That's why I recommend it. Because I know for a fact it works even on novice internet users who tend to try and 'catch the fly' and truly believe they are the 'lucky one millionth visitor grand prize winner' and click on it .

That's worth $56 a year to me.

$20 for a top hat and $30 a year is just too damned much to pay?

Thread Tools
Search this Thread

Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service - Do Not Sell My Personal Information

Copyright 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.