XP Internet Security 2011 Virus


Guest db99wj

Guest db99wj
Posted

I got that, I got rid of that, a secondary and worse one was found and is still wreaking havoc. It is the PC Performance and Stability pop up. I think I'm close to getting it cleared up thanks to techniques on bleepingcomputer.com but I'm not out of the woods yet. Until I reboot a 2nd time without issue, it is still possibly there. I'm running, from that site above, the steps to kill it with a program called rkill which found some trojans and a few others, ran tdsskiller (didn't find anything), ran Malwarebytes which found several items, deleted those, ran unhide due to the hidden files. This virus will hide all your files, desktop, start menu etc. They have a file, exe, that will unhide them. You think for a moment that all your files have been deleted. Scary shi t. I also ran a program called Superantispyware and it found a few things. Anyway, I'm continuing to run different programs to kill anything that comes up and the things they are finding are getting less and less. However, I still can't see all my program files in the "Start Menu", I've manually gone into the file properties tab to make sure they are not hidden. Still hasn't worked. It could after I reboot, but I do have to get some work done today and still running a scan with Malwarebytes.

Anybody had this, or have suggestions on how to get the start menu back to showing all the stuff?

Guest db99wj
Posted (edited)

It is a work computer.

Edited by db99wj
added words to make more sense. I'm tired.
Guest mustangdave
Posted
Buy a Mac? :D

LOL...Macs are no longer that safe....BAWHAHAHAHAHA

Posted

I regularly have to clean this crap off the PCs of relatives and friends. Each one is slightly more obnoxious than the previous iteration.

Guest db99wj
Posted

Any other programs that I could run to clean this thing up?

Any ideas on the hidden files?

Guest mustangdave
Posted
Any other programs that I could run to clean this thing up?

Any ideas on the hidden files?

If I were at my home PC I could tell you a couple my son recommended I use...one was MALWARE BYTES...

Guest Dukebb23
Posted
If I were at my home PC I could tell you a couple my son recommended I use...one was MALWARE BYTES...

Malwarebytes if you have killed the script on it. Otherwise it won't let you open it back up if the virus is still running. It took my wife about 12 hours to get my computer back to normal after this stupid trojan/virus.

Guest tommy62
Posted

I've had good luck with Malwarebytes and Microsoft Security Essentials. Idk if MSE is available for XP. I start in safe mode and run the programs.

Posted

spybot and adaware both are great programs and best of all .......free!!!!!!!!!!!!!!!!!!!!!

Guest HvyMtl
Posted

Hijackthis! and Adaware (free)

Antivir antivirus(free, except for business use.)

Comodo Firewall (also free, except business use.)

Try HiJackThis, and see if you can remove it. Also, use an antivirus and antispyware that boots off of a CD. Best of luck.

Guest friesepferd
Posted

What exactly isn't showing up on your start menu?

It actually sounds to me like it isn't a virusy problem. You say you are using Windows XP.

Most people have the following things on their start menu:

- recently used programs

- pinned programs

- list of commonly used folders (my computer, my documents, control panel, printers, run, etc)

- all programs -> which brings up a list of programs which have been designated to show up in this menu

Which of these are you not seeing?

Guest db99wj
Posted

I've run adaware, hijack this, and the ones mentioned and just ran Malwarebytes with nothing found. The IT guy happened to be in here today on an unrelated issue and made a few changes in the misconfig area of the world, deselected a few things, told me to run Malwarebytes again, which nothing was found as mentioned. I've been out of the office this afternoon and rebooted and ran Malwarebytes. All my icons are there on the desktop, folders and what not are showing up in the start menu.

What I am still not seeing, and maybe because I don't go often and they haven't been there in awhile, but when I hit Start, All Programs, those are the folders that I am not seeing anything. For example, Microsoft Office Folder, Microsoft Office Tools, <empty>. It actually has the word in the thinggys, <empty>. I know I have Microsoft Office, Excel and Word are on my desktop and I use them all day long. I have put back the most commonly used ones in the left side of the menu when I hit start.

Not that big of a deal, because I keep the main things I need on the desktop, but just wondering where they went.

  • Admin Team
Posted

Most of the versions of this program are state sponsored Chinese. They've got an interesting attack vector.

The difficult thing about this iteration of malware is that they change it weekly. It makes getting rid of it cleanly pretty difficult.

If you've got good backups of the rest of your data, you're better off in both time and ongoing risk to do a clean reinstall.

Be highly vigilant in checking your bank account and credit info if you've done any online shopping or banking from this computer. Most of the binaries that we've unpacked have got keystroke loggers set to forward your username and password when you hit any of the major financial sites.

Shoot me a PM if you want to discuss it further in detail.

Guest friesepferd
Posted (edited)
I've run adaware, hijack this, and the ones mentioned and just ran Malwarebytes with nothing found. The IT guy happened to be in here today on an unrelated issue and made a few changes in the misconfig area of the world, deselected a few things, told me to run Malwarebytes again, which nothing was found as mentioned. I've been out of the office this afternoon and rebooted and ran Malwarebytes. All my icons are there on the desktop, folders and what not are showing up in the start menu.

What I am still not seeing, and maybe because I don't go often and they haven't been there in awhile, but when I hit Start, All Programs, those are the folders that I am not seeing anything. For example, Microsoft Office Folder, Microsoft Office Tools, <empty>. It actually has the word in the thinggys, <empty>. I know I have Microsoft Office, Excel and Word are on my desktop and I use them all day long. I have put back the most commonly used ones in the left side of the menu when I hit start.

Not that big of a deal, because I keep the main things I need on the desktop, but just wondering where they went.

Alright. Some virus may have "deleted" those things from your start bar, but getting rid of the virus will NOT put them back on. You can do it pretty simply yourself though. They are only shortcuts, like what's on your desktop. You can add and delete those as much as you want.

Go to My Computer -> C:/ (or whatever drive letter you have programs installed under) -> Program Files ->

Then go through and pick whatever programs you want and drag them to where you want them in your start bar. You can either grab individual programs (make sure you grab the actual exe file that starts the program, and not other random files), or you can grab an entire folder and put it in there, depending on what level of detail you had / want.

Also if dragging it into the start bar is a pain, you can also open C:\Documents and Settings\All Users\Start Menu\Programs and drag stuff into that.

There may be a faster way to restore all programs to the start bar than that...

I'll take a look when I get a chance and let you know.

Edited by friesepferd
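
Added example, not part of the original post or thread: a read-only PowerShell check for the situation discussed above, where folders under All Programs show as empty. It walks the Start Menu path given in the post and reports, per folder, whether shortcuts are still on disk but carry the hidden attribute or are absent altogether. The function name `Get-StartMenuReport` and the status labels are assumptions made for this example, and PowerShell has to be installed separately on XP.

```powershell
# Added example (not from the thread): read-only report of Start Menu folders.
# The default path is the one quoted in the post above; pass a per-user
# Start Menu path with -Root to check that one instead.
param(
    [string]$Root = 'C:\Documents and Settings\All Users\Start Menu\Programs'
)

function Get-StartMenuReport([string]$Path) {
    $hiddenFlag = [IO.FileAttributes]::Hidden
    # -Force returns hidden and system items, which Explorer may not show.
    $folders = @(Get-Item -LiteralPath $Path -Force) +
               @(Get-ChildItem -LiteralPath $Path -Recurse -Force |
                 Where-Object { $_.PSIsContainer })
    foreach ($folder in $folders) {
        $items   = @(Get-ChildItem -LiteralPath $folder.FullName -Force)
        $subdirs = @($items | Where-Object { $_.PSIsContainer })
        $links   = @($items | Where-Object {
                       -not $_.PSIsContainer -and '.lnk', '.url' -contains $_.Extension })
        $hidden  = @($links | Where-Object { $_.Attributes -band $hiddenFlag })
        $folderHidden = [bool]($folder.Attributes -band $hiddenFlag)

        if ($links.Count -eq 0 -and $subdirs.Count -eq 0) {
            $status = 'NO-SHORTCUTS'      # nothing to unhide; shortcuts must be recreated
        } elseif ($folderHidden -or $hidden.Count -gt 0) {
            $status = 'HIDDEN-ATTRIBUTE'  # shortcuts exist but are flagged hidden
        } else {
            $status = 'OK'
        }
        New-Object PSObject -Property @{
            Folder = $folder.FullName; Status = $status
            Shortcuts = $links.Count; HiddenShortcuts = $hidden.Count
        }
    }
}

if (Test-Path -LiteralPath $Root) {
    Get-StartMenuReport $Root | Sort-Object Status, Folder |
        Format-Table Status, Shortcuts, HiddenShortcuts, Folder -AutoSize
} else {
    Write-Warning "Start Menu path not found: $Root"
}
```
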
Guest Broomhead
Posted

I don't remember how I killed that "virus" last time. I'm thinking I ran Hijackthis, then Malwarebytes, then Spyware Terminator. I was able to find the actual process for it in Windows Task Manager, then, in Safe Mode, I renamed the extension to .old. Upon reboot, back to normal mode, the process was no longer there.

From another computer, or yours if you can open a browser, Google the name of the program that this virus keeps telling you to install to remove the false offending virus. You should come up with quite a few forum threads from throughout the web, along with several tech sites, detailing what steps you need to take and which legit, usually free anti-virus/malware/spyware programs that will kill/remove the virus.

I do know Norton Security Suite, the one you can get for free if you are a Comcast/Xfinity customer, will recognize the virus, stop it before it can run/download, quarantine it, and remove it, all before it has a chance to run even once. It's a very effective package, the first and only one I have ever liked and have been impressed with.

Guest nicemac
Posted (edited)
LOL...Macs are no longer that safe....BAWHAHAHAHAHA

Wrong.

The Mac's UNIX underpinnings make it far less susceptible to this type of problem. There are no confirmed Mac viruses "in the wild." There are some "Trojan Horses" in existence. They are very different. These programs purport to be something you want (say, nude pics of a celebrity) but in reality turn out to be something different. It cannot spread without the assistance of the user. The easy way to prevent it? Don't click on that kind of crap… and never download files that you didn't request from a source you can't verify.

A trojan horse is no different than a guy standing outside an ATM that tells you he works for the bank and it is OK to give him your account information and he will give you $20. Would you do that? No. That is exactly how a trojan horse works. They cannot do ANYTHING to your computer without YOU giving them permission–just like the guy outside the ATM.

A virus is very different. It jumps on your PC through whatever means it can–usually without your knowledge–and starts doing something malicious, from harvesting your email addresses to deleting files. That cannot happen on a modern Mac with anywhere near a recent operating system on it…

Edited by nicemac
Posted

You know, I've had this iMac for several years now and with the exception of two hardware replacements, I've had zero problems. Not one single software issue. With PCs the wife and I were buying a new one every year. It was just easier to plow a new garden than trying to pull the weeds. For any skeptics, I have opened EVERY email I have ever received. No way would I open ANY email I didn't recognize on a PC.

I've been hearing for years about Mac viruses. ANYTHING can be done, but there's nothing to worry about. I grew up on Macs. We had dial up internet in '93-94. The kind where you signed on and got to listen to the crazy sounds, went and made a sandwich, checked the oil in your car, pet the dog and then came back to see if it was signed on yet. That's the only reason I graduated high school! I copied all my reports and homework from sources that my teachers didn't have access to.

If there's malicious software for Mac, it'll probably never bear fruit. Macs are just antibacterial by nature.

Guest friesepferd
Posted

Meh. Personally not a Mac fan at all. For what I use computers for, it just doesn't work. The only way I am going to use a Mac is if I just install Windows on it.. but then what's the point. I'd rather have a PC where I can exchange parts on it from any manufacturer.

As far as viruses go... Yea, there are more for Windows because more people use Windows. Simple as that. And personally, I have never ever had any problems. I also do not use any anti-virus software. I just know what kind of stuff to click on when it comes to the internet, and what not to click on.

If I were in a situation where I could readily use a non-Windows system, I would much rather just use something like Red Hat.

Guest db99wj
Posted

Seems that it is gone, all is stable, after multiple reboots. The menu thing, I started thinking about how often I go into it and it is very rare. All the programs that I use everyday for work, I have made shortcuts on my desktop. If it does come back, I call in our IT guy and we will kill it and do a clean install. In the meantime, I will make sure that I have backed up all MY stuff on an external drive. If I need an item in the start menu, I will manually do it.

This virus is not just a run one program and get rid of it, it is a real pain in the ass. Also, one of the problems I was having was that the programs, like Malwarebytes was not getting all of it, after every scan, there was always something in there, until I disabled our AVG Pro antivirus and adaware. With those running in the background, it was keeping Malwarebytes from cleaning it completely. Between Malwarebytes, Search and Destroy, Adware, and AVG scans, it appears to be gone.

Macgyver, most of my financial stuff I do on my iPhone. Banking, credit card, mortgage, purchases etc. There have been some things I've done on this laptop, and I will keep an eye out on that. I'm not sure what some of those things you mentioned mean, but I will be vigilant!

Thanks to everyone, except you Mac Fanboys, you suck with your fancy virus proof boxes! Is the iPhone as bullet proof as the Mac OS's?
