Nachi B worm?



Zeke
Apr 15th, 2004, 12:25:06 PM
This thing snuck onto my computer somehow...probably through the school's crappy network, seeing as I do not ever use Internet Explorer anymore. AVG isn't killing it, so I need to figure out something new to do. On my own, I am powerless, as I know nothing of computers, viruses, and the like. I have no choice, I must appeal to you, the computer geniuses of this wonderful community. HOW THE HELL DO I SAVE MY COMPUTER!? :cry

Figrin D'an
Apr 15th, 2004, 02:42:27 PM
http://securityresponse.symantec.com/avcenter/venc/data/w32.welchia.b.worm.html

All the info you'll need on what it does, plus instructions for removal, either manually or using their removal tool.

Zeke
Apr 15th, 2004, 09:51:52 PM
Thanks. But ya know what else sucks? I asked a friend of mine who was sitting here borrowing my computer to access Fans to see this info. He opened Internet Explorer, and now I have a number of other things on here and a weird searchbar at the bottom of my computer screen! >_<

imported_Firebird1
Apr 15th, 2004, 10:14:13 PM
I don't know about anyone else but a worm that uninstalls other worms?

O_o

Did I read that right?

Sorreessa Tarrineezi
Apr 15th, 2004, 11:13:46 PM
*gives thread a kick*

update since he can't do it, through a friend he tells me thus: it won't turn on, just restarts over and over....

Figrin D'an
Apr 16th, 2004, 12:00:15 AM
Originally posted by Firebird1
I don't know about anyone else but a worm that uninstalls other worms?

O_o

Did I read that right?


It's part of the ongoing battle between groupies of different virus families... it's very lame, and annoying to everyone who isn't a script kiddie.

Figrin D'an
Apr 16th, 2004, 01:07:33 AM
Once you get this thing killed, I'm going to suggest you do the following:


1) Make sure your virus definitions are up to date, for whatever antivirus program you are using. Check this regularly. Make it a habit.

2) Download Ad-Aware 6 (http://download.com.com/3000-2144-10045910.html?part=69274&subj=dlpage&tag=button) if you don't already have it. Install it, check for updates, dl any that are available, and scan your machine. Get rid of any crap that it finds.

3) Download ZoneAlarm (http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp) if you don't already have it. Install it, run it always. Make sure it stays up to date. Learn how to use it to control program access to the internet. Block Windows Explorer from accessing the internet, unless you need to run Windows Update.

4) If the Internet Explorer icon is still on your desktop, get rid of it. It's too easy for someone who doesn't know any better to click on it and start using that to browse the web.

To get rid of it, download TweakUI (http://www.microsoft.com/windowsxp/home/downloads/powertoys.asp) from Microsoft's site. Once it's installed, run it, and find the Desktop section. Uncheck the IE icon.


5) Make sure the Messenger service is disabled. To do this, follow these (http://www.theeldergeek.com/messenger_service_popups.htm) instructions.


6) Check Windows Update regularly. Make it a habit to do so once every few weeks. If you hear about Microsoft discovering new vulnerabilities, get to Windows Update to see if patches are available. There are always new exploits being found. Nothing can be done about this. Just make sure you stay up to date with any Critical Fixes, and you'll be much less likely to have problems.

Sorreessa Tarrineezi
Apr 16th, 2004, 02:03:53 AM
*kicks thread again* had help from Fig but the problem still is going, still restarting itself, any more help would greatly be appreciated...:cry

Marcus Telcontar
Apr 16th, 2004, 03:16:41 AM
To get rid of it, download TweakUI from Microsoft's site. Once it's installed, run it, and find the Desktop section. Uncheck the IE icon.


Service Pack 1 for XP has Set Program Access and default, found in Control Panel > Add / remove Programs. Use it if you have XP AFTER getting Firefox or another alternative browser and set the access to zilch for IE.

Zeke
Apr 16th, 2004, 07:45:14 AM
Hooray for class. I get computer access in a public lab to ask more questions and give more information. I need to know if it's possible for me to go on the internet in safe mode and download things, like this Zonealarm and Ad-Aware. Also, I'm going to try and better explain the situation with my magically restarting computer.

I ran the worm removal tool Figrin linked to in normal mode earlier. It said it found the thing, but didn't tell me if it got it or not. I booted into Safe Mode to try it there, just to be sure, but couldn't get to it from there. I booted to normal mode to move the tool into a folder I can reach from Safe Mode, but the normal mode began to continually reboot itself. It displays the white HPInvent screen, the black Windows XP loading screen, and gets to the "Welcome" screen before the monitor goes blank and begins again.

My roommate put the tool on a disk, so I was able to run it from there. It didn't find the worm, so I'm assuming this reboot thing is due to something that got in earlier when IE was opened by mistake. I ran AVG almost immediately and found a number of trojan things, then was assaulted by an "installed new software" bubble. At that point, I got that search bar I mentioned earlier.

That's all I know to tell at the moment. If more information/clarification is needed, I'll be checking through public computers/my friends' computers, so I can post a little bit to do that.

Wei Wu Wei
Apr 17th, 2004, 07:08:33 AM
What toolbar? Do you know what it does? It might be a spyware. I know I got a toolbar about a SaveNow thing. You can delete that by going into the Remove Programs thing on your computer and getting rid of it there.

Zeke
Apr 18th, 2004, 09:34:19 AM
Wei, I have no doubt that it's spyware. I immediately remembered your weird SaveNow thing, but my computer began doing its restarting troubles after I went to safemode to clean up the worm. The worm appears to be gone, since I ran the tool twice and it found nothing, but something else makes the computer reboot every single time I try to start it in the normal mode. Until I fix that, I can't run AVG or Spybot or anything, it seems, unless I can use SafeMode to go online, get all the stuff Figrin listed, and install it. Seeing as AVG refuses to run in Safe Mode, I doubt if I can get those new programs or cleanse myself of the junk IE gave me until I can boot normally. Can anyone help me fix it so it'll boot regularly?

TheHolo.Net
Apr 18th, 2004, 02:37:48 PM
There are any number of problems that could be causing it to reboot like it is. It's a default setting in Windows XP to reboot after system failure. The setting is in System properties - Advanced - Startup and Recovery.

You need to check the event viewer while in safe mode and get more detail on what the actual failure is.
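
The two checks from the post above, as an added example that is not part of the original thread: it turns off automatic restart on system failure so the stop error stays on screen, then summarises recent System log entries. It assumes Windows PowerShell (for `Get-EventLog`) and an administrator prompt; the event IDs 6008 (unexpected shutdown) and 1001 (bugcheck record) are an assumption about which records to look for first.

```powershell
# Added example, not from the thread. Run as administrator; Safe Mode is fine.
$key = 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'

# AutoReboot = 1 is the "Automatically restart" box under
# System Properties > Advanced > Startup and Recovery. With it set, a stop
# error during boot shows up only as an endless restart loop.
$current = (Get-ItemProperty -Path $key -Name AutoReboot).AutoReboot
"AutoReboot is currently: $current"

if ($current -ne 0) {
    Set-ItemProperty -Path $key -Name AutoReboot -Value 0
    "AutoReboot set to 0: the next failure will stay on screen to be read."
}

# Event IDs assumed to mark the crashes themselves (see lead-in).
$crashIds = 6008, 1001

# Take the newest System log entries and keep errors plus the crash markers.
$events = Get-EventLog -LogName System -Newest 500 |
    Where-Object { $_.EntryType -eq 'Error' -or $crashIds -contains $_.EventID }

# Summary first: which source is failing, and how often.
$events |
    Group-Object Source, EventID |
    Sort-Object Count -Descending |
    Format-Table Count, Name -AutoSize

# Then the detail for the ten most recent entries, oldest first,
# so the error that precedes each unexpected shutdown is easy to spot.
$events |
    Select-Object -First 10 |
    Sort-Object TimeGenerated |
    Format-List TimeGenerated, Source, EventID, Message
```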

Zeke
Apr 19th, 2004, 07:35:08 AM
Originally posted by SWFans.Net
There are any number of problems that could be causing it to reboot like it is. It's a default setting in Windows XP to reboot after system failure. The setting is in System properties - Advanced - Startup and Recovery.

You need to check the event viewer while in safe mode and get more detail on what the actual failure is.

::writes that down:: Okay, I'll take a look at it when I get home from class.