HatsforPH

CLOSED Virus Controls Keyboard and Disables Asquared

Recommended Posts

I'm sorry if someone has already posted something like this before, but I couldn't find one. So, a Windows XP computer got the "System Check" virus which was removed. Asquared Anti-malware and Online Armor werer then installed on the computer. After a hour or so whenever I would go to the taskbar to the start menu, clock, etc. the mouse would select something immediately and open it. When the computer was connected to the internet, Firefox would go to random pages constantly. I also noticed that Asquared's guard and the firewall was off and I couldn't turn it back on. (The computer was not connected to the internet at this point) I ran a deep scan with Asquared and nothing came up. I restarted the computer and the blue screen of "Disk Check" came up. (Didn't before) But before I could do anything, after about 3 seconds a "key" was pressed to stop the disk check. I didn't press anything on the keyboard. I knew it had to be some form of Malware. I tried pressing F8 to get into safe boot BUT when I get to the screen it would show up for a second then "Start normally" would be highlighted and selected. I tried different keyboards and it happened. I couldn't open anything because it would be closed, and I could only start the Task Manager. I didn't see anything out of the ordinary in processes but cpu and memory were at 100% used...and nothing was running.

Anyways, eventually I booted into safemode (By starting 'msconfig') and the problems persisted. I finally removed the "Virus" by finally getting asquared's guard to start again in safe mode. I ran a deep scan and this time a few "medium" level trojans were found. I can't remember what they were (I'm not going to work on the computer again till this Saturday) but they did consist of "DX" in the name and they were .exe. I removed them but the computer was still sluggish and firefox and other programs wouldn't run. I ended up manually going to the .temp folder where Asquared found the medium level trojans and moving ALL of them to Asquared's quarantine. (There were many more malicious sounding names in notepad files and .exe's that asquared didn't find anything bad in) After deleting them in Asqaured the compuer was fine again. NOTE: I tried running TDSS Killer and it wouldn't start.

I want to know if anyone knows what this virus is and why asquared was disabled and couldn't find them. Also, did this virus have to do with System Check? Thank you for your time and sorry if someone has posted this before. :P

Oh! And also is it possible this virus could come back again if the computer was connected back to the internet? (Since Asquared and the firewall were disabled by it.)

Share this post


Link to post
Share on other sites

Hello and welcome to the Emsisoft support forums.

All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE, if you don't we are just going to send you back to this thread also read the Emsisoft Support Forums Terms of Use

To Highlight a few:

  • If you are seeking help make sure to only create one thread per problem at a time. Multiple threads about the same problem will get closed.
  • To keep the threads clean please don't post the content of log or report files directly in your reply. Instead please attach any reports or logs you were asked to submit as a file attachment.
  • Don't use any kind of "l33t" speak or slang and always keep in mind that most of the other people here don't speak English as their native language.
  • Asking for help is only allowed in the forums. Requesting help via PM or mail is prohibited.
  • Because of the potential for harm only selected members as well as our employees are allowed to offer help in the malware removal sections of the forum. If you have a strong malware fighting background and want to help please contact Emsi, Fabian Wosar and ShadowPuterDude (yes, all three of them) via forum PM.

Share this post


Link to post
Share on other sites

Thread Closed

Reason: Lack of Response

The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist.

All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE, if you don't we are just going to send you back to this thread.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.