Copyright Violation Virus

Discussion in 'Malware Help (A Specialist Will Reply)' started by ukgmale, Apr 27, 2010.

  1. ukgmale

    ukgmale Private E-2

    I recently got attacked by a virus that brings up the Copyright Violation pop up every time I start up. By all online accounts, this should be an easy fix, access task manager, end the processes, delete the files etc. Unfortunately, the virus seems to have disabled task manager, saying that the administrator has locked it. This means that all I get on start up is this pop-up, no start menu, toolbar etc etc, just the pop up which will not close, minimise or do anything. I try starting in safe mode, but I cannot access the administrator account, even though I have never changed the password. In safe mode the pop up still appears, and nothing else. I can't boot anything. It is very worrying. I have recovery console on my computer, but don't know if this is useful/ or how I would go about using it. I would run Malwarebytes, which usually does the trick for me, but again I can't boot or run any programs as the pop up prevents it. If I drag the pop up downwards, there is another pop up saying that I am infected and should buy my "unregistred Windows Defense" but I assume this is bogus as well, because I don't remember seeing it before, the graphics are shoddy, they want my money, and they misspell 'unregistred'. Please help, my computer is effectively useless!
     
    ukgmale, Apr 27, 2010
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    You did not even tell us what version of Windows you are using.

    If you cannot run anything at all, even from another user account if you have one, then your options get limited. Since you say you have the Recovery Console installed, you can use the below (for Win XP) to try and restore from an older restore point prior to the infection to see if it can help you get started:

    http://support.microsoft.com/default.aspx?scid=kb;en-us;307545&sd=tech

    Another option would be to use another PC to make the OTLPE boot CD mentioned in message # 17 of the below thread and see if you can complete a scan with it and get us the log.

    http://forums.majorgeeks.com/showthread.php?t=214161&highlight=OTLPE
     
    chaslang, Apr 27, 2010
    #2
  3. ukgmale

    ukgmale Private E-2

    I used the first link that you have provided, and found the instructions a little confusing, but after some trial and error, I managed to implement them successfully. I then ran Malwarebytes, which hopefully eradicated the viruses from my system. I faced some minor problems, such as not being able to run .exe programs afterwards, and having to change the admin password so as to access the 'unseen' system restore points, but after installing a couple of drivers and checking the web, I suspect that I hve resolved the issue. I am providing links in case of anyone else encountering this problem:

    http://www.dougknox.com/xp/file_assoc.htm

    http://www.kellys-korner-xp.com/win_xp_passwords.htm

    Thanks for all your help, was really worried that the computer was stuffed. Eternal gratitude!!!
     
    ukgmale, Apr 28, 2010
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes those are in our list of possible fixes. You will see those links along with several other methods of fixing the inability to run EXEs here in the forum.

    You should consider running our full cleaning procedure to make sure all malware has been removed.
     
    chaslang, Apr 29, 2010
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds