There is a new type of bug which does this when you visit a site which has a site counter on it. If you click on the counter accidently it gets activated. Most people use counters which are actually hosted on some other server and some of them contain this malicious code.
Hi Alan, I'm not in a position to comment on the specifics needed to certify your machine as problem-free. But a quick check shows there are many hits on google re: the WERULE virus. You're definitely onto something; better late than never, eh? A good source I've used for information on identifying and ridding one's machines of these things (and there are others) is... http://www.symantec.com/avcenter/ ...which is Symantec's (Norton AntiVirus) clearing house for everything virulent on Wintel personal computers. They may have information as to exactly what you need to do to rid yourself of this and anything else your machine might have picked up. Other vendors probably maintain comprehensive lists and instructions, as well. All probably want you to buy their stuff, which is reasonable, vigilant, and practically self-maintaining once installed. Along those lines, there has been much good advice posted on this thread as to products and procedures, all of which can be researched on-line to suit your needs. And here's a secret: Most, if not all, of us have gone through something like this at least once. Usually only once! My PC career goes back to 1979, so I won't mention how many times I've shot myself in the foot. But then I'm dumber than most. Best regards and good luck.
or somebody... could you help me out here. I know the virus is in there, but I haven't located the file(s) yet, like I thought. I have forgotten how to find the running processes(please tell me how to do this). Then, once I find the virus in the processes, is it as simple as deleting it to truly get rid of it? Also, in order to run a full antiviral test at PitStop.com I need to add PAV.SIG AND PitPav.cab to my exclusion list. I can't find that either. If I could do these two things I think I'd be all set. Thanks again. Alan
Alan, It can be much more complicated than that. Many, many viruses are also memory resident; you can delete the disk copy, even kill what appears to be a bogus task, but another seemingly benign sounding task can replicate itself. True, many of them are not as sophisticated as that. What I'm saying is that you have your work cut out for you and, without being there, I can't help you. If you haven't already, you might want to consider hitting a computer store tomorrow and purchasing Norton AV; the CD is designed to run on an infected machine. It will clean things up. But to answer your specific question (as I understand it), the task manager can be launched by pressing ALT-CTRL-DEL on most Windows versions and pressing the Task Manager button. Best to you (and goodnight).
"I have forgotten how to find the running processes(please tell me how to do this). " hold down control/alt/delete button, then on task manager pick processes.
A heads-up re. computer security. Lots of spyware/adware/hijackware are going around right now, and getting worse. These types of pest programs are typically not detected by antivirus software. This is the stuff that generates popups, hijacks the browser to some website, changes the browser's homepage setting, changes the cursor, monitors web activity, logs keystrokes, installs unwanted software, etc. All of this is junk or worse, and usually installs in the background without you knowing about it. You can unknowingly pick up these nasties just by visiting a website. So, here's the tools needed to defend against this junk: Firstly, and in any case, run a firewall. For example, ZoneAlarm Pro: http://www.zonelabs.com/store/content/home.jsp It has a free version (ZoneAlarm), and a pay version (ZoneAlarm Pro) that has a lot more features (email protection, cookie protection, popup and ad blocker, etc.). ZoneAlarm allows you to control both incoming and outgoing traffic; only traffic you authorize is allowed. With ZoneAlarm, you are notified anytime a program attempts to access the internet (also attempts to access your computer from the internet), so any unwanted program that tries to access the internet is revealed. When you purchase ZoneAlarm Pro, you can at the same time buy a product called PestPatrol and save $20 on the ZoneAlarmPro/PestPatrol bundle. PestPatrol provides protection against spyware/adware/hijackware/trojans, etc.. It also provides cookie and keylogger protection. http://www.pestpatrol.com If using PestPatrol, run it weekly, and also update the pest definitions weekly (there's an update tab for that). In addition to running PestPatrol and Anti-Virus software, to keep junk off your PC, I recommend installing these: (all freeware; no cost unless you choose to donate) Spybot Search & Destroy: (scans for and removes pests, and more) http://www.safer-networking.org/index.php?page=spybotsd IE-SPYAD: (puts known junk websites on the Internet Explorer restricted zone list via registry key) http://www.staff.uiuc.edu/~ehowes/resource.htm#IESPYAD SpywareBlaster: (stops installs of spyware) http://www.javacoolsoftware.com/spywareblaster.html SpywareGuard: (compliment to SpywareBlaster; stops spyware installs; constantly monitors) http://www.wilderssecurity.net/spywareguard.html The SpywareGuard 2.2 download that you want is the full install that is 1.96 MB. SpywareGuard can be downloaded from these sites: http://www.softpedia.com/public/cat/10/17/10-17-52.shtml http://www.itsfree4u.com/antispy.shtml http://www.download-freeware-shareware.com/System-Utilities.php?Theme=2 Each program has regular updates available, so if you install these, keep them updated to protect against the latest pests. One warning, PestPatrol and Spybot both change and delete files and parts of the windows registry when you take action on any identified pest or condition, so before deleting anything identified as a pest, be sure you are really deleting a pest and not a needed file or registry item. If you are ever uncertain, once a questionable file or registry item is identified, you can look it up at PestPatrol.com and do a Google search for info. on it to be sure it is a pest before deleting. Running all of the above, so far I've encountered no system problems, and no adware, spyware, junkware, hijackers, or other nasties.
Within the past week I've picked up a type of hidden pop up spyware. I can be hooked up to the internet, with only MyTrack open, and will periodically get a pop up ad. Explorer is not opened.. I have been running Norton Anti-virus, Spybot, and Zone Alarm (free version), and I my computer still got infected. All updates have been downloaded along with Windows XP critical downloads, and none have solved the problem. This bugger is pesky. Any ideas?
A format c a month keeps the hacker away (not a great rhyme i know), anyway ,call me stupid , but that's what I do.(yes i have firewall,spypest,virusbuster,and all that stuff...) It takes 25 min to reinstall your OS , plus 5-10 mins to reinstall all the soft i need , with a well organized backup, that's all it takes. And you don't have to stay in front of your PC the whole time. I sleep well @ nite
format c a once a month, keep away a god damm worms... reinstall XP today this may keep the worms away... just practice in english))))))))))))))))
stay away from symatec products they have new registration stuff in 04. programm can be installed on only one computer and no matter what happends-you can only install it on this computer 5 times.