I picked up a Trojan SPM/LX virus a few hours ago. Most noticable symptoms were that the desktop wallpaper changed to a bright green, I was unable to access the Task Manager or System Restore, and there were numerous pop-ups reminding me that I was infected.
I ran Malwarebytes, which detected and removed five items, which were consistent with what I'd read about this virus:
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
After restarting, things didn't seem quite back to normal, but I was able to get into System Restore and use a recent restore point.
Now everything seems fine, except McAfee gave me a message that various items were disabled (real time scanning, spyware scanning, etc.). After hitting the Fix button several times, the problem still wasn't resolved, and now it says the problem is that "Some components are missing. Please reinstall McAfee VirusScan."
I ran the Virtual Technician, with the result "Problem: Service(s) not running (1)." It cannot correct this problem either.
Do I need to just uninstall and reinstall McAfee? I am on a PC with Windows XP, primarily using Firefox v3.5. I have McAfee SecurityCenter 9.15 and VirusScan 13.15.
Hey zifa16,If the technician is`nt working for you i think you may have to.Here is were to get it.
http://service.mcafee.com/FAQDocument.aspx?lc=1033&id=TS100507 make sure you follow it exactly the way it says to do it .
If this does`nt link you just google mcafee MCPR Good luck
Message was edited by: newjack on 1/16/10 3:19:17 PM CSTThat link is not working.I copied and pasted?On the top of the page there is a tab usefull links.Click on that then click removal tool MCPR
make sure you read all the instructions before removeing.good luck
[duplicate post]
Message was edited by: zifa16 on 1/17/10 7:45:07 AM CSTThanks for your reply. I was able to use the uninstall program to remove all McAfee products from my computer. Then I downloaded and ran the install program. It started out fine, asking for the e-mail and password I registered with, and which components to install. But when I started to install, the whole thing shut down (didn't appear to be running in the background, after checking the Task Manager). Is there still something preventing me from installing McAfee?
Yes zifa16, there is something preventing you from installing Security Center. The Trojan or, Virus has sent a copy into your restore point system. You needed to disable (past tense) restore point before you uninstalled McAfee Security Center with the MCPR.exe. Does that make good sense to you ?Message was edited by: CrazyChuck on 1/17/10 3:09:19 PM CST
Awesome. So, since I already uninstalled everything, how can I get around this? If I disable restore point, can I run MCPR again? Considering I already had a successful uninstall, will MCPR work again?
Have you turned on Microsoft's Windows firewall the firewall that came with your computer ? If not please do that and close all ports in Microsoft firewall Windows no exceptions please. You need all the protection you can get at this point. Let me know okay ?
I actually am using another computer for the time being (particularly to connect to the internet). So can I get all the steps to resolve the problem? Then I'll go take care of it all at once.
So...
Step 1: Turn on Windows firewall and close all ports.
Step 2: ...?
I only wished that It was that simple. Right now one of the reasons you my not be able to download McAfee Security Center is that there's a problems with the servers. There's an endless loop update problem it just keeps downloading never stops. However I don't know if that's the reason you can't download McAfee so, for today downloading is not an option.
Step one: Turn on Windows firewall :
Step two: Turn off system restore point :
Step three : At this point you must understand what Trojans do to your computer. Some Trojans can stop you from performing computer tasks such as downloading would be relevant in your circumstances.
Step four : You need to eliminate the Trojan or, virus before you can do anything else or, go any further. I must be right up front with you there's no easy way out. It's going to take a lot work for both of us. You ready for that ?
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.
Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership: