S
SME
My laptop is infected with a Virus / Trojan. Can some one identify it and
help me remove it. This is what it has done:
1. It replaced the wallpaper with one advertizing itself. Even if I replace
it, it comes back when I reboot the system.
2. It installed a screen saver, which on activation takes a snapshot of the
desktop and some bugs keep eating it away. I think this repeats every few
minutes, since I will have to move the mouse several times before I get the
current desktop.
3. It cleared all previous system restore points. So I can't restore to a
previous good state.
4. The "Desktop" and "Screen Saver" tabs in the Display Properties window
have been removed. So I can't disable the wallpaper and the screen saver.
5. I do have McAfee provided by Comcast. Once my system is infected, I did a
manual scan and found nothing unusual. But even it was not able to clear
Internet Temp files. It crashes when this is attempted. I found a file in
internet temp directory with a name that looks like some script. But the
McAfee warned me of a program ".tt20.tmp" accessing internet and I didn't
grant permission.
6. When my system was infected, it actually installed a program called
"Malware Protector". It appears there was no choice but install it when it
pops up a window, since even if you say NO, it does what it want to do. It
provided no option to uninstall. So I removed it from "Add / Remove
Programs" of Control Panel. Then only I realized that my wallpaper and
screen saver have been set (originally I didn't have any wallpaper and
screen saver). This Malware Protector was asking to pay up $49 or so to
PROTECT MY COMPUTER. That was on June 8th.
7. Yesterday, on June 9th, it installed another program called "Advanced XP
Defender". So now I have disconnected this machine from rest of my home
network and from internet.
Am I the only one affected by this? How old is this Virus / Trojan (I found
a reference to one that encrypted all files and ask for the ransom)? Any
remedy other than restoring the system from OEM's restore disk? If it is a
old one, why McAfee couldn't protect me from this?
ThanQ...
help me remove it. This is what it has done:
1. It replaced the wallpaper with one advertizing itself. Even if I replace
it, it comes back when I reboot the system.
2. It installed a screen saver, which on activation takes a snapshot of the
desktop and some bugs keep eating it away. I think this repeats every few
minutes, since I will have to move the mouse several times before I get the
current desktop.
3. It cleared all previous system restore points. So I can't restore to a
previous good state.
4. The "Desktop" and "Screen Saver" tabs in the Display Properties window
have been removed. So I can't disable the wallpaper and the screen saver.
5. I do have McAfee provided by Comcast. Once my system is infected, I did a
manual scan and found nothing unusual. But even it was not able to clear
Internet Temp files. It crashes when this is attempted. I found a file in
internet temp directory with a name that looks like some script. But the
McAfee warned me of a program ".tt20.tmp" accessing internet and I didn't
grant permission.
6. When my system was infected, it actually installed a program called
"Malware Protector". It appears there was no choice but install it when it
pops up a window, since even if you say NO, it does what it want to do. It
provided no option to uninstall. So I removed it from "Add / Remove
Programs" of Control Panel. Then only I realized that my wallpaper and
screen saver have been set (originally I didn't have any wallpaper and
screen saver). This Malware Protector was asking to pay up $49 or so to
PROTECT MY COMPUTER. That was on June 8th.
7. Yesterday, on June 9th, it installed another program called "Advanced XP
Defender". So now I have disconnected this machine from rest of my home
network and from internet.
Am I the only one affected by this? How old is this Virus / Trojan (I found
a reference to one that encrypted all files and ask for the ransom)? Any
remedy other than restoring the system from OEM's restore disk? If it is a
old one, why McAfee couldn't protect me from this?
ThanQ...