|
Malware: XP Home Security 2012 on my desktop
this morning. After doing some research I find it is the newest strain out and that rebooting to the safe mode and downloading a removal program will not work. This infection works as well in the safe mode as in regular boot. I called a couple of tech supports and they advised this new strain cannot be removed via any anti malware or anti virus programs and has to be removed by a technician. Best Buy up to $300..internet supporters anywhere from $129 to $300.
Has anybody had this? If yes how did you get it removed? If it has to be a technician or somebody hands on, do you have a recommendation? My desk top is pretty much not functional and I am using my laptop. I am not sure I want to put up to $300 in the desk top as I have everything backed on on a remote hard drive as well as on my laptop. Thanx for responses to come...I hope. btk |
Quote:
Good Luck! |
Quote:
See another thread where we had discussions about viruses. |
As noted above, I also would first try Restore to whatever date in the past my computer would allow.
Failing that, you will have to take your desktop to a technician and get the hard drive swiped clean and then reinstall Windows. Last time I had to have that done, it cost $150 but that was in NY. Wonder if the Geek Squad at a local BB would do it??? |
|
YOU can always uninstall Windows and do a clean install yourself. I just did that for a friend. This might be the option I would choose, especially where you have the backup. It isn't that difficult to do this yourself unless you are timid and afraid!!
|
Quote:
|
|
btk - i hope you have recovered from this malcontent malware! if not, and for others concerned about this malware - there is a great thread about removing this nasty aggrevation on one of the cnet forums - good to copy/save for future reference.
http://forums.cnet.com/7723-6142_102...security-2012/ |
Mac
Another reason to leave the PCworld and move to MAC
As I sit here typing on XP waiting for it to hit me also. What were you doing that downloaded this mess? I have Norton and Spyblaster, Spybots CCleaner and Advanced System Wear 5 all running, Mac salesperson said what are you going to do with your two hours of cleaning time gone! Good luck with the cooties cleaning! I would just blow out the system and reload fresh XP. Be careful of restore. It will transfer the virus to that safe section. H |
I like the technicians at MMD on 441.
|
Did you try running MalwareBytes (with the latest database) from a flash drive yet?
PS. Their Pro version was the best $25 piece of s/w I've ever bought. Just using it running all the time in the background (instead of dealing with problems in reactive mode) and MSE has kept my 2 XP machines and this Vista one safe for a year or 2 now.....knock on wood-:) |
so far nothing works. No matter what file or icon you use the virus shuts off access especially any virus or malware fighters. Using restore it does the same thing...as soon as one tries to access system restore it blocks it. This morning I was able to get to system restore from the intro to the safe mode...it gives one the option to operate in the safe mode or go to system restore. The system then proceded allowing me to set a new date....however when it comes time for the PC to reboot, the virus prevents the shut down.
I have not tried to use malware from a flash drive. I assume one saves the download to flash, then access from "my computer"? I further assume this should be done in the safe mode. More later. btk |
btk,
What I've done for others is download and install it onto a flash drive from another PC. Actually install it on that flash drive -- e.g. it F: drive or whatever it come up as -- so that it goes out and gets the latest MalwareBytes database. Then take that flash drive over to the infected PC and run it there. In some cases I have had to boot up the infected PC in safe mode to get it to run since some malware screws up the registry such that it will not recognize the USB ports and flash drive. I always run it at least once after deleting the malware it finds -- until it reports back that no errors were found. MWB has always come thru though....Good luck!! |
As far as I am concerned, you are way past Malwarebytes or any other app that does not directly address your problem. If there is not an app out there on the Internet that directly addresses the XP Home Security 2012 virus removal then you need to see a professional.
I recommend MMD: They are on 27/441. A couple of blocks south of 466. 109 S. US Hwy 27/441 Lady Lake, Fl 32159 (352) 750-3707 Unfortunately it is now Saturday afternoon and I think they are closed for the weekend. I do see several sites with a XP Home Security 2012 virus removal process. Give one or two of them a try. I did help a person with a virus using one of the internet removal tools but not this one. Good Luck!!! Z |
Here's a nifty YouTube video of step-by-step instructions on how to get rid of it using two Malwarebytes tools.
[ame]http://www.youtube.com/watch?v=EX_C5hheRPE[/ame] Looks like you're correct, zcaveman. This video showed their other tool, Roguekiller, is also required. Probably worth giving it a shot before shelling out any $$$. Again....good luck!! |
Quote:
|
WOW! Warning, it might be in the post on SINHOLES!
I was looking at the TOTV New Posts this morning when the MALWARE hit me. I was reading the post about the sinkholes. I didn't know where it came from but I was researching an external web site that someone had post about sinkholes. I was looking at the location of a sink hole reported July 19, 1974 near Wildwood outside the Villages. I download a site that would help me with the location of sinkhole which was list long -82.036111 lat 28.852778
I download Maps4PC and that when it hit me. I think I was able to remove the MALWARE but I'm not sure because I'm not that good with computers. I was ready to take to Best Buy. Good luck! |
While on TOTV on Friday I received a red screen and a warning for something I cannot remember. I just hit the back arrow and was back at TOTV and continued reading the posts with no problems. I then ran Malwarebytes on a full scan along with Microsoft Security Essentials and both reported no problems.
Now if you get this red screen there are a couple of things to do. 1. DO NOT CLICK ON THE ANYTHING WITHIN THE BODY OF THE WEB PAGE. 2. Use the back arrow on your browser to go back a screen and then close your browser and run Malwarebytes and Microsoft Security Essentials. 3. Another thing you can do if that screen pops up is to just power the computer off. The next time you reboot the computer it will ask you how you want to boot up and just use the normal mode and you should be okay. Run Malwarebytes and Microsoft Security Essentials for a complete scan. Your desktop icons may not be arranged the way you had them but they are all still there. VG |
I have now tried to load malwarebytes from a flash drive and the new starin of this virus actually learns as you go through the steps and once it determines where your headed it blocks all access.
Most of yesterday afternoon I was trying everything the Malwarebytes site recommended....they had several alternates on how to trick the virus...none worked. Tomorrow I will be working with one of their techs on a chat connection to see what we do next. This episode has given me comfort for the time I have spent over the years always backing up to a portable hard drive as well as my laptop. If you are not backed up you better do it. I am also going to purchase Malwarebytes pro version for my laptop...I do not want to take a chance getting my laptop infected. I will post what I learn as I go. Thanx for all the suggestions and support. btk |
We take Malware, trojans, and security on the site very seriously. We will run additional scans but have not found anything that indicates TOTV as the source. If you have any technical data you would like to share please email to us.
|
When I received the screen pop up the other day I tried to do a screen capture but anything I tried would not work. At that point I did what needed to be done to get out of the situtiation.
Next time I think I will take a picture of the screen on my cell phone for reference as I have had people do that before when I was working in level 3 IT support. VG |
Quote:
All you said are good suggestions. One question. Do you run the Malwarebytes quick scan or the full scan? I usually run the quick scan. I will probably run the full scan this afternoon when I am away from the PC. |
Time for a Mac! I gave up on this nonsense with Windows last year and have had none of this with my Mac.
|
Quote:
When something like this happens I run a full scan as soon as possible. I run the quick scan every couple of weeks on my desktop and lap top. The red screen happened on my lap top so the full scan did to take that long. As far as the desktop goes that takes a lot longer as I am spinning 2 500 gig hard drives and both are 80% full. The one key thing to remember that if you are in the position of the OP, BTK, then you HAVE to boot the computer in safe mode with networking to run Malwarebytes or you are just wasting your time. VG |
Quote:
So the question to ponder is the extra money for a Mac worth it compared to the frustration, headaches and expenses buying antivirus software and the expense having someone repair it? What about the security issues with private information that could be compromised? |
I got hit with the same thing today, probably from TOTV, but I can't remember which thread triggered it. Mine rendered my entire system inoperable, kept getting an offer to buy Vista Antivirus 2012 to cure this new virus.
I was able to reboot in safe mode (I had the adds for the Vista Antivirus 2012 pop up multiple times in "safe" mode which was strange) and eventually get to system restore from the start menu. I restored back to two days ago and it appears to have fixed the problem. As extra protection, I updated my Norton, did a scan, and it appears as if my system is now OK. What a pain in the arse. |
Herv
I agree Sir!
The Apple store said what are you going to do with all your free time instead of running cootie killers all day. Major Geeks . com get Oibit Malware Fighter and Advanced system 5 free. Also download Spyware Blaster as you say pain in the butt! |
I was fortunate to get connected with the customer support gurus at Malwarebytes.
On their website and forum they supply a series of options on how to get around the infection to get the PC to operate. When none of those work they request you contact them by email. They assigned a case number and a "helper". All communications was done via email...they are on the West coast....and via my lap top (uninfected PC). They walked me through a series of analytical links which I downloaded to a flash stick and then onto my infected desk top. The links ran differing programs to sort out the problem(s) and create a log which I in turn emailed back to them. With that information they then would send the next link and instructions. Had to run three different programs but finally a clean computer once again. The customer support was outstanding and very timely. I never had to wait more than an hour to get a response back. I would pass along a caution that just backing away or changing system restore points may not necessarily remove the virus. It could still be in some corrupted files to resurface later. Even after the last pass on mine was completed, they sent a link to remove the existing Malware application and another link to re-install a "fresh" version to assure that even the Malwarebytes program had no corruption. Go to their website and sign up to their forum as there is an awful lot of material that would be of interest. I found the path I needed in their frequently asked questions. I was using their free version and there was no charge for ANY of the customer support. btk |
so glad to read that your malware dilemma is over! and glad to read such a glowing report of the tech assistance you received from the mwb staff!
guess i'll invest in the full product and service since my "free" download is only for a 30 trial! does anyone know if there is a "free" version that is not a 30 day trial? |
Safer browsing with Sandboxie
Quote:
What I can tell you is that both times the page came up just as in this video, telling me to register, etc. In both cases, I did not get infected. I firmly believe this is because I run my browser in a piece of software called Sandboxie. This product allows you to run software in a "sandboxed" environment. When this malware "hit" me, it infected this sandboxed area. All I had to do was clear the sandboxed area using the Sandboxie tool and restart the browser. I do not sell this product, I use the free version of this product and have been saved a few times. If you interested, check out http://sandboxie.com/ Have safe day.... |
Quote:
|
Quote:
|
Quote:
It works just as expected. |
yes there is a free version of Malwarebytes available. Once the free trial is over I would guess there will be an option to either buy the Pro version or go to the free version.
Since the clean up I am currently running the free trial of the Pro version and the end of the trial I will buy the Pro version. They have definitely earned my business. btk |
Thanks
You must feel Sooooooooooo much better. So nice tech support is really there to help you!
I am looking into this product. I just clicked on this post and my XP sent up a blocked attack. I have been on other areas all night with no cootie alerts! Take Care- Herv |
Once again today I got whacked by this annoying piece of Malware and when I got hit I figured I would share how Sandboxie works. When I got hit, my browser exits, at the same time this screen pops up:
http://i1002.photobucket.com/albums/...xie_screen.jpg Next comes all of the pop ups shown in the video earlier in this thread. For kicks I take no action on them, but rather run Malwarebytes and see this http://i1002.photobucket.com/albums/...es_screen1.jpg As you can see, Malwarebytes finds the issue. Notice how the issue is under the directory c:\sandbox. This is where my sandbox exist and where a breach is contained. At the same time, those annoying popups and live scan windows from the attack are all still there, asking me to run a free scan, etc. I instead go to the Sandboxie control and delete contents of sandbox and all popups exit and I am back to normal. http://i1002.photobucket.com/albums/...ean_screen.jpg Very cool.... |
Threat Blocked
Below is a screen shot I just captured of the Norton Internt Security warning that I received while here on TOTV. Norton blocked the threat so I didn't get infected. I am not sure if this is something really bad, had it been allowed into my computer......not familiar with the site. Norton rated the threat as "High" in severity.
|
My Norton
My Norton did this once on this site but how to you capture a screen shot?
Nice job Did you go to Nortons site and report the site. Herv |
I’ve had 6 high-level intrusion attempts (blocked by Norton) in the past two or three days, all of which happened while I was viewing TOTV.
|
| All times are GMT -5. The time now is 03:32 PM. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2025, vBulletin Solutions Inc.
Search Engine Optimisation provided by
DragonByte SEO v2.0.32 (Pro) -
vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.