Maxwell Render | Official public forum

I downloaded the Maxwell installation files and within about 30 minutes both my computers seemed to be effected by a virus.


PC 1

I was getting error messages such as...

Exception Processing Message c0000013
Parameters 75b6bf9c 4 75b6bfr9c 75b6bf9c

and...

dl.exe
The NTVDM CPU has encountered an illegal instruction
CS: 0fc6IP:ffe8 0P:ffc60f8632 Choose close to terminate the application

My PC wouldn't boot into Windows - it would load into the screen that states the option for starting in safe mode etc. I started in safe mode and then tried to restore the PC to an earlier restore point but no restore points are shown. So therefore the PC wont load into Windows on startup. I tried to reinstall Windows - I got the PC to boot from the CD drive with the installation disk in but after the drivers have loaded (shown at bottom) i just get a screen with a windows error message and no option to go further. I tried running AVG and Spysweeper search and deleted a virus found, but that has not helped.

PC 2

I installed Maxwell and now no applications/software will open! I.e. i click to open Moi or Photoshop and i get...

'Moi Application has encountered a problem and needs to close. We are sorry for the inconvenience'

.... so i can't use any software. And other weird things are happening like windows not closing, i uninstall software and its still there or i install software and its not shown in 'add/remove programs'.

What is going on here? All i've done is install Maxwell... how can i fix these errors? I've had to find a PC from 1990 just to connect to internet and i've got work to be finished by tomorrow.

Please help if you can!

Wow Will that's not good it sounds like you had something on your machines or the files got infected with something as you grabbed them and then they trashed your systems. I haven't heard of anyone that got the same serious issues as you got with your machines now.

Hopefully you will find a way to get them fixed asap.

/ Max

woow... chance in a million

It is a virus called Gaelicum.A - defiitely watch out for this cos its done some serious damage and i've just read a lot of cases of it never being deleted even with re-installing Windows (which i cant quite figure out). It infects every exe file on the PC - it infected the Maxwell exe's which i transfered to other PC's - infected those PC's too.

By the way it looks like only AVG can pick it up (maybe sometimes BitDefender - this is just proof that you need a range of scanners cos i had 5 others before AVG and not one saw this.

Holy crap that's a nasty one to get i'm really sorry to hear you got this. Did you loose any workrelated and private files because of this ?!

Perhaps i should scan my system now.. :/

[Edit] : Did you try to reboot in safemode if possible and then use this tool to get rid of it. But it might have trashed your exe files, i don't know..

http://www.grisoft.com/doc/removal/ww/crp/0/ndi/67751

/ Max

I've used vcleaner in safe mode - vcleaner is the only program that has a chance of deleting it i think - its something from avg. Its fixed the PC to the point where i can now restart it! Dont know if it'll come back though.

Still problems with the Mac Pro (with Windows) - i'd say dont run AVG first cos it quarantines files and vcleaner cant get to them (i think) - problem is now i already ran AVG on the Mac but because the add/remove programs thing has an error i cant remove AVG to let vcleaner get to the files.

Do you know if AVG can scan external hard drives?

I've just found another 200 Trojan Horse's called Generic6.BGJ. Nice.

I see, ok good stuff you got it atleast started now. About the MacPro with XP on it, i have no idea but best option would probably be a format and reinstall to be on the safe side or else that virus might still be lurking in the shadows.

AVG should be able to scan all your drives, internal and external as long as they're hooked up to your system. Firewire drives i'm not so sure about, but usb should work.

Try scanning some individual files you suspect cause a problem with this to if you haven't done that.

http://www.virustotal.com/

/ Max

Thanks - the Mac insn't connected to the internet though... i didnt want it to get a virus. Ha.

Plus i can't install any software (like ISP/Tiscali etc) cos it immediately infects the exe file.

How do you remove software without using add/remove programs?

In general about viruses in such situations:
if you have a spare hard drive. Format it and load windows (or Linux) on it.
Boot from that drive and do all your virus scans and clean ups.

Another way is if you have a 4Gb USB flash drive. You could have linux on it with an antivirus such as:
http://news.bitdefender.com/NW620-en--B ... stems.html

If you can't find an uninstaller in the directory, you'll have to do it by hand (remove the program folders).

There weren't any folders - weirdness. I just reinstalled it and then unistalled.

Thomas thats a good plan.

-Adrian wrote:If you can't find an uninstaller in the directory, you'll have to do it by hand (remove the program folders).

And after that use a reg cleaner to remove all keys

Indeed. Wonder when MS will finally drop the whole binary registry idea.