
Anyone run across a 'StupidPOS' virus before?

MetroidZoid (Registered User, regular)
I just finished downloading the Windows update to run Primal Carnage off Steam, and this warning pops up that was, in short, "Your computer is going to shut down ... etc ... STUPIDFUCKINGPOS/Jordan".

And then it did. Now my PC won't boot up, and when I try to go into safe mode, I hit Enter on my OP but nothing happens past that. Help?

3DS FC: 4699-5714-8940 Playing Pokemon, add me! Ho, SATAN!

Posts

  • Great Scott (King of Wishful Thinking; Paragon City, RI; Registered User, regular)
    edited December 2012
    I'm sorry to say that I haven't run into this one before, and my Internet searches haven't turned up anything helpful.

    The best two ways to handle this are 1) to boot from a Linux DVD-ROM and install/run Avast virus scanner, and then scan your hard drive, or 2) remove the hard drive, put it in a USB enclosure, and scan it from another computer.

    I can help if you want to try either of the above, but unless/until you can get to Windows in some form, there's not much that can be done. You could try installing Windows on top of itself as an upgrade, and that might keep some of your settings, but that's more of a last resort.

    Great Scott on
    I'm unique. Just like everyone else.
  • MetroidZoid (Registered User, regular)
    Well ... for whatever reason my PC works fine today. I ran some virus scans, didn't pick up anything but a couple mal-wares.

    So, problem solved?

  • Rend (Registered User, regular)
    Well ... for whatever reason my PC works fine today. I ran some virus scans, didn't pick up anything but a couple mal-wares.

    So, problem solved?

    Not likely.
    Use this chance to back up your essential stuff, and if you can muster the force of will, clean up with factory restore. If you suspect malware has been on your computer and now you can't find it, and you didn't get rid of it yourself, it is almost certainly still there.

    It is possible, yes. But the more likely option is that it's embedded itself somewhere undetectable- which is absolutely possible if it had a run of your machine while your antivirus didn't have definitions to properly detect it. At this point even if you did download proper definitions it could have entrenched itself into invisibility.

    Not trying to scare you obviously, but it is my opinion that the best stance on malware of any kind is Exterminatus, when possible. It is, after all, the only way to be sure.

  • Great Scott (King of Wishful Thinking; Paragon City, RI; Registered User, regular)
    I agree with Rend. One thing I'd add - if/when you rebuild your PC, once you've installed Windows, install a Linux distribution as a dual boot. It really helps to have another OS already installed when things go wrong.

  • Bendery It Like Beckham (Hopeless; Registered User, regular)
    edited December 2012
    Run this with "detect TDL filesystem" active to check for any possible rootkits; most viruses that contain root/boot kits install them on a restart.

    http://support.kaspersky.com/2663

    Then you want to go to Users/whateveryourusernameis/appdata and take a look under Local for any fun exes. You'll be able to tell if it's a nasty critter based on file name most of the time, or a file that is out of place, i.e. Lsass.exe should not be in appdata, same with ctfmon, or adobe arm (these are just common file names used by trojans to stop people from deleting a main executable).

    Next go to local/temp and just delete everything, nuke it all from orbit.

    And then go to locallow/sun/java/deployment/cache and clear everything out of there. Don't delete the numbered folders, just empty the folders.

    Next go to these two locations and look for anything that shouldn't be there... delete that shit.

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    C:\Users\(User-Name)\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup


    And that is a quick and dirty malware removal, it's not 100% guaranteed, but it is fairly effective.

    If you have an active GOOD antivirus (not something like Avast, McAfee, AVG, or Avira... anything free basically) you should be fine. I'm not really familiar with this one. It looks like it changed your computer name, which means your registry has been tweaked. You'll have to google the specific keys that hold that information based on anything else you notice on your computer in order to replace those with working keys if you notice any functionality problems. Last resort would be to boot into a recovery environment and replace the registry keys with the backup from %windir%/system32/config/regbak

    Bendery It Like Beckham on
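
A read-only way to do the review described in the post above, as an added example that is not part of the original thread: it lists executables under the profile's AppData folders with their signature status, marks files that reuse the names mentioned in the post, and lists both Startup folders. The `$impersonatedNames` list and the output columns are assumptions of this example, and it deletes nothing.

```powershell
# Added example (not from the thread): read-only triage of the locations named above.
# Assumption: file names taken from the post (lsass, ctfmon, Adobe ARM); extend as needed.
$impersonatedNames = @('lsass.exe', 'ctfmon.exe', 'AdobeARM.exe')

# %LOCALAPPDATA% and %APPDATA% are the Local and Roaming folders under Users\<name>\AppData.
$profileDirs = @($env:LOCALAPPDATA, $env:APPDATA) |
    Where-Object { $_ -and (Test-Path -LiteralPath $_) }

$exeReport = foreach ($dir in $profileDirs) {
    Get-ChildItem -LiteralPath $dir -Recurse -File -Force -Filter '*.exe' -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
            [pscustomobject]@{
                ReusesSystemName = $impersonatedNames -contains $_.Name   # case-insensitive match
                Signature        = $sig.Status
                Signer           = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
                LastWrite        = $_.LastWriteTime
                Path             = $_.FullName
            }
        }
}

# Name reuse first, then anything without a valid signature, newest first.
$exeReport |
    Where-Object { $_.ReusesSystemName -or $_.Signature -ne 'Valid' } |
    Sort-Object @{ Expression = 'ReusesSystemName'; Descending = $true },
                @{ Expression = 'LastWrite'; Descending = $true } |
    Format-Table -AutoSize -Wrap

# The two Startup folders from the post, resolved through the shell so redirected
# profiles are handled: all-users (ProgramData) and per-user (AppData\Roaming).
$startupDirs = @(
    [Environment]::GetFolderPath('CommonStartup'),
    [Environment]::GetFolderPath('Startup')
) | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

Get-ChildItem -LiteralPath $startupDirs -Force -ErrorAction SilentlyContinue |
    Select-Object FullName, LastWriteTime, Length |
    Format-Table -AutoSize -Wrap
```

Unsigned executables under AppData are common for legitimate per-user installs, so treat the output as a list to review rather than a verdict.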