Computer Security & Viruses/virus help


Question
Hi,

I was not able to ask a follow-up question, hence starting a fresh session.
I downloaded and installed Kaspersky from http://kapersky.com but I cannot see any icon on my desktop.
I also tried going through the Start - Programs menu, but was not able to get through; the only options that are
there are uninstall and help. I am not able to open Kaspersky and scan my computer. I am still facing the problem with the
right click of the mouse: as soon as I right-click any icon, the computer hangs and I need to restart. Please help.

Your previous answer:


Wow, you do have a problem. Your computer has been taken over by a computer criminal or computer crime syndicate.
I'm especially worried that it might be taken over by a crime botnet that is scheduled to do something
-- we don't know what, exactly -- on April 1, this Tuesday. So it is urgent to fix your computer as fast as possible.

First, see if you can fix your computer using System Restore.
Use Start --> Help to get to System Restore. Pick a restore point at least half a year ago.
If your computer is able to use System Restore, then next try to run Regedit again.
If this works this time, you are probably safe.

If this doesn't work, then try this next.


1) Download either Kaspersky Internet Security, which offers a free 30-day trial at http://kapersky.com or
F-Secure's Complete Internet security suite, which offers a free thirty-day trial:
https://store.f-secure.com/cgi-bin/dlreg/ml=EN?ID=FSISTB&desid=TRIAL

2) Disconnect from the Internet.

3) Uninstall your current antivirus. This is absolutely essential because otherwise it and F-Secure or
Kaspersky will fight each other and might crash your computer.
It isn't good enough to just turn off your old antivirus because it probably has been crippled by your virus infection.

4) Install your Internet Security product. Download any updates available.

5) Run a complete scan of your computer. Follow any instructions it might give you.

6) Reboot.

If this works, you can either keep your new Internet Security product or uninstall it and reinstall your
old antivirus from either a download of the latest version from their website (if that's how they sell it)
or from the disk it was on when you bought it. Be sure to get all the latest updates right away.
Usually antivirus companies are pretty good about updating their programs whenever some new attack becomes able
to evade or cripple their product.

If you weren't running an antivirus program that includes antispyware protection and a firewall,
then I recommend that you not reinstall your old program. Nowadays we need total protection,
and this includes antispyware and a firewall.

7) Now try to run Regedit again to see if you have regained Administrator control.

8) To prevent future infections, don't use Internet Explorer, as it is susceptible to introducing viruses,
adware and spyware into your computer. Instead you could use Firefox, free from Mozilla.org.
Instead of using Outlook for email, you could use Thunderbird, free from Mozilla.org, or Eudora, free from Eudora.com.

If this doesn't work, please let me know and I'll tell you how to "nuke" your computer.


Answer
I'm so sorry to see how serious your computer's infection is. Right now, immediately, please, you need to back up all your data onto some sort of removable media -- CD, DVD, flash drive, whatever you can get your data on and then remove it from your computer. Please do this now before the infection on your computer destroys anything -- or anything more, since we don't know how bad it already is.

Your best bet next is to take your computer to a repair shop and ask them to completely erase your hard drive -- make sure they do what's called a "low level reformat" on the hard drive using a program that the hard drive manufacturer uses to erase absolutely everything and start over completely new. Then have them reinstall your computer to its factory settings using the disk(s) that came with it when you bought it. Then make certain they add all the Windows security updates that have been released since your computer was manufactured.

I'm advising this instead of "nuking" your computer yourself because you will need another computer to do part of this work.

Then when you get your nuked computer back, here is how to reinstall your old programs without getting infected. First, before going online, install an Internet security suite from a CD, not from a download. I don't usually advise this, but recently there are some incredibly powerful forms of malware running loose on the Internet, for example the Conficker worm. Conficker is able to automatically break into your computer and it will damage many antivirus programs so that they can't update and can't remove Conficker. See http://www.google.com/hostednews/ap/article/ALeqM5gyP5ygt_hS_RJ51QV2a5k10wK9mQD9... to learn how Conficker breaks in and how hard it is to remove. So my concern is that if you go online to download an Internet security suite, Conficker will break in while you are doing this. And if you reinstall your old antivirus or Internet security suite from a program you saved from your hard disk, it probably is already damaged by whatever has infected your computer.

I'm advising an Internet security suite rather than just antivirus because you -- and everyone nowadays -- need the extra protection.

Only after installing this security suite and activating the firewall do you dare go online. Then before anything else, download all updates to the security program. Also make sure that Windows automatic update is working so you get all the latest updates. Only then is it safe to load your data back on your computer and reinstall your old programs.

Hope this works!

Carolyn Meinel

Expertise

I cover Windows, Linux, TCP/IP and Ethernet security questions. I do not cover Mac, smart phones, or other networking issues.

Experience

Books by Carolyn Meinel: wrote a chapter for The Hacking of America book (see http://www.amazon.com/exec/obidos/ASIN/1567204600/happyhacker). My article Code Red for the Web for Scientific American was reprinted in the book Best American Science Writing 2002 (see http://www.amazon.com/exec/obidos/ASIN/0060936509/happyhacker). My book The Happy Hacker: A Guide to Mostly Harmless Hacking is now in 4th edition with a Japanese edition (see http://happyhacker.org/hhbook/).

Organizations
IEEE, AAAS

Publications
See a list with some online links at http://cmeinel.com

Education/Credentials
MS, Industrial Engineering, The University of Arizona. Took a course in computer forensics at the University of Texas at Austin.

Past/Present Clients
DARPA, SAIC, Palmer Labs

©2012 About.com, a part of The New York Times Company. All rights reserved.