Windows = fail, Virus = Win

[UrBaN]

So I got a popup randomly, asking me whether I would like to replace my original Windows files with the new ones.



Windows WTF = Fail.
After trying the CD thing to no avail, I realised my options were YES and YES. After phoning a friend, I decided to go with YES.

I then got these two beauties.


Windows WTF = Fail again.
I denied, chose no callback and told it to never ever ever ask me that ever ever again. Ever.

Nod32 then turned red in the system tray, so I clicked it to see what that was about.



Nod32 WTF = Fail.

At this point I lost all network connectivity, so tried disabling/enabling the LAN, as well as a repair.


Repair LAN WTF = Fail.

After this, I managed to get the LAN working again - a simple restart - but everytime I tried to connect to ADSL to come here for help, the modem would connect, verify username/password and then fail.

Luckily I had a system restore point from 12pm this afternoon so I was able to restore prior to the balls up and everything is working properly...

Now to find the cause...

Incidentally, rapimgr.exe was utilising 99% of the CPU (it's used for MS Activesync, which wasn't even running at the time).

Anyone seen this?

[Hex_Rated]

So I got a popup randomly, asking me whether I would like to replace my original Windows files with the new ones.

Downloaded any keygens lately?

[UrBaN]

Nope, don't use/need them.

Only recent addition to my PC is Open DNS, reviewed in the mag.

[Screeper]

/me runs and uninstalls Open DNS

I'm surprised Nod didn't catch it, it is usually very good in the 'finding baddies' department.

Interesting, let us know how you sorted it out if you find a solution.

[Hex_Rated]

It's obviously a virus. And it's probably raped your entire system by now after it replaced your windows network drivers with its own files. Format and reinstall.

What is OpenDNS? Dynamic DNS software? What is opendns.marc-hoersken.de? Sounds like that address could be hacking your PC.

[UrBaN]

I have also uninstalled - if you look at pic #2, it's OpenDNS trying to call out..

May or may not be related, but I noticed no improvement with openDNS so no point using it.

Thus far that is the only difference I am aware of in terms of system state, other that emails (no attachments) and a potentially dodgy driver for a USB to RS-232 adaptor...I have since deleted the install file.

If I do come across anything I'll post it.

It's obviously a virus. And it's probably raped your entire system by now after it replaced your windows network drivers with its own files. Format and reinstall.

What is OpenDNS? Dynamic DNS software? What is opendns.marc-hoersken.de? Sounds like that address could be hacking your PC.

A system restore handled it, so no need to format and reinstall.

Just noticed, my PC bluescreens whenever I do a full system scan with NOD32. It was scheduled to do one everyday but the log says it hasnt successfully completed in ages...dodgy HDD?

[Anthro]

Open DNS is alternative DNS servers..
Can I recommend you Use AnalogueX fast Cache rather ??

[pok]

Also try Spybot - Search & Destroy, its freeware & work like a charm for me with NOD32 (ironically)

[UrBaN]

Ya I used to use it, it's good.

Will try it.

[Hex_Rated]

A system restore handled it, so no need to format and reinstall.

If I were you I'd keep an eye on my outgoing bytes just to be safe. Some viruses can definitely survive system restores.

[Anakha56]

it was not me i promise!

/refers to name in pic...

What Hex re last comment, watch your system...

[WAJeff]

I see you running Pidgin as your IM
Its a start towards Linux dude

[ADV4NCED]

A system restore handled it, so no need to format and reinstall.

If I were you I'd keep an eye on my outgoing bytes just to be safe. Some viruses can definitely survive system restores.

Yeah alot of viruses place themselves in the system restore folder too...