XP virus scare
+8
Triela
SPARTAN 119
Alfisti
Five_X
FearTheLASERFACE
ElfenMagix
hydra282
maverick375
12 posters
Page 1 of 1
XP virus scare
Hey. Just had a fun night and morning with the latest virus going around for Win XP (there's a version for Win7 too). XP Security 2011, a work of art malware, I managed to pick up while trying to DL an image file. It locks out all virus scans and prevents access to the net by emulating the Windows security center. It fakes a scan, in which it picks up all kinds of fake virus, and then prompts for you to "fix" it. When you click it, it wants you to enter your info to buy it, which of course is a ruse to get your info.
Ive run into this before on coworkers comps and simply did a format and re-install, but this was obviously not a choice on my own comp in the short term.
Fixes are complicated, as you can either get functionality restored and download (and buy) a sweeper that it's free, or do it manually, which involved registry editing.
There is, however, a somewhat easier way, though I'm still cleaning up after (just in case)
Apparently it has a weakness in that it has trouble infecting the Admin profile in XP (assuming you're not logged in under it). I was able to boot into my admin and load a restore point from two days ago, and it not only restored functionality, but I'm having trouble finding traces of the malware.
Obviously I'm spending the day cleaning the hell out of this thing, but I figured I'd send out a heads-up to my friends in case you use XP. If you're clean now, make sure you set up automatic restore points in the system and keep the Admin profile separate from your usual working environs.
Ive run into this before on coworkers comps and simply did a format and re-install, but this was obviously not a choice on my own comp in the short term.
Fixes are complicated, as you can either get functionality restored and download (and buy) a sweeper that it's free, or do it manually, which involved registry editing.
There is, however, a somewhat easier way, though I'm still cleaning up after (just in case)
Apparently it has a weakness in that it has trouble infecting the Admin profile in XP (assuming you're not logged in under it). I was able to boot into my admin and load a restore point from two days ago, and it not only restored functionality, but I'm having trouble finding traces of the malware.
Obviously I'm spending the day cleaning the hell out of this thing, but I figured I'd send out a heads-up to my friends in case you use XP. If you're clean now, make sure you set up automatic restore points in the system and keep the Admin profile separate from your usual working environs.
maverick375-
Forum Posts : 826
Location : Ohio
Fan of : manga
Original Characters : Jamie
Comments : GUNS!!!! MUWAHAHA
Oh, and swords. Swords are kewl too.
Registration date : 2009-03-20
Re: XP virus scare
Sounds familiar.
hydra282- Flower Spirit
-
Forum Posts : 358
Fan of : Henrietta! Beatrice! Elsa!
Original Characters : Zaron + Josie +
Registration date : 2009-05-22
Re: XP virus scare
I have been hit with that several times with it fomr summer of last year. Interesting, I must admit that they have been evolving the software for some time as the Virus scan itself would change to different names and page formats. So, its been around for a while.
ElfenMagix-
Forum Posts : 5682
Location : NYC NY, USA
Fan of : Pia, Elsa, Cleas, Triela...
Original Characters : Fernando & Rachel, Felix & Francesca
Comments : He has super powers. He is God.
Registration date : 2007-09-21
Re: XP virus scare
Safe mode was also a little help in killing it. it's about the only way to gain entrance to regedit to manually delete the registry stuff. I got lucky in that my last restore was automatically done on Tuesday, so I didn't lose anything.
maverick375-
Forum Posts : 826
Location : Ohio
Fan of : manga
Original Characters : Jamie
Comments : GUNS!!!! MUWAHAHA
Oh, and swords. Swords are kewl too.
Registration date : 2009-03-20
Re: XP virus scare
I've been hit by this before, as well as my parents. I've beaten it every time so far. The only real thing that ever actually ended up beyond my understanding was when my PC simply broke down. Apparantly, I mashed the power button instead of safely turning it off too much, so it screwed up .
FearTheLASERFACE-
Forum Posts : 201
Original Characters : Subject 2-Alpha, Serina, Sarah, James Antolini, Jack Vesputchi
Comments : Kalashnikov sounds so much more bad*** than AK-47
Registration date : 2010-08-27
Re: XP virus scare
I've had this one before. I just found the file and deleted it, and did a registry clean/fix to make sure everything was in working order.
Still doesn't explainen vhy I can't view Cyborg Centralhausen without ein proxy, though.
Still doesn't explainen vhy I can't view Cyborg Centralhausen without ein proxy, though.
Five_X-
Forum Posts : 695
Location : Canada
Fan of : Rico!
Original Characters : Jessi, Ed, Ralph and Mal
Comments : President of the Ilya Fanclub.
Registration date : 2009-09-30
Re: XP virus scare
I got something like that on my PC. Defender.exe which shuts down malware bytes and kasperskys all while saying that multiple viruses are threating your computer. Managed to get malware to clear it out.
Guest- Guest
Re: XP virus scare
I think I got that one, or at least a derivative of it a little while ago. Shut down the virus busters, hid files and disallowed access to the internet... then shut the computer down periodically with the message "RAM temperature critical". Eventually I found that Nortons would block it just long enough for Malwarebytes to remove it. Nortons would only remove part of it and it'd re-install each time the computer shut itself down.crazyidiot78 wrote:I got something like that on my PC. Defender.exe which shuts down malware bytes and kasperskys all while saying that multiple viruses are threating your computer. Managed to get malware to clear it out.
Alfisti-
Forum Posts : 5880
Location : A Town by the Sea, NSW Central Coast, Australia
Fan of : Triela, Hilshire, Priscilla, Ferro
Original Characters : Jethro + Monty
Comments : If in doubt, overdress.
Registration date : 2009-07-21
Re: XP virus scare
This is one of those times I'm glad I have a Mac.
SPARTAN 119-
Forum Posts : 574
Registration date : 2009-08-24
Re: XP virus scare
SPARTAN 119 wrote:This is one of those times I'm glad I have a Mac.
Triela- Super Special Awesome Cyborg Assassin
-
Forum Posts : 2746
Location : Defending Johnny Lawrence >:T
Fan of : Triela
Original Characters : Savyna, Iain
Comments : A pleasant, bubbly young lady, talented artist and Orlando Bloom fan extraordinaire.
Registration date : 2007-12-15
Re: XP virus scare
Piracy is a good way to get slammed with viruses and whatnot.
Nuke is Good-
Forum Posts : 326
Location : New Jersey
Fan of : Henrietta
Original Characters : Rc v1
Registration date : 2008-04-10
Re: XP virus scare
SPARTAN 119 wrote:This is one of those times I'm glad I have a Mac.
Should point out, Macs actually have worse security than Windows - it's just that they're so obscure as compared to Windows computers, people don't target them.
Not so for Linux (downside of your desktop OS being one of the most popular server OSs as well), but then, the security on Linux is very good. Heck, you can't log in as an admin on most desktop versions, unless through the terminal (or if you go through and allow root as a logon-abble account. If you do that, you probably know what you're doing. Still a bad idea though).
Linux still ftw!
TTIO- CEO of Cheese Pie Inc.
-
Forum Posts : 1111
Location : Eng.
Fan of : Triela!
Original Characters : Keetha & Alcide
Registration date : 2008-07-02
Re: XP virus scare
TTIO wrote:SPARTAN 119 wrote:This is one of those times I'm glad I have a Mac.
Should point out, Macs actually have worse security than Windows - it's just that they're so obscure as compared to Windows computers, people don't target them.
Not so for Linux...
OS X is based on a Unix kernel so, like Linux, it has benefitted from decades of "in service" use and was designed from the ground up with security in mind, unlike Windows.
Those "experts" and "studies" that claim OS X is a security nightmare are funded by companies like Symantec that sell OS X anti-virus software, so consider it's in the benefit to commission a study that gives those results.
It is difficult to infect an OS X and Linux system because by default user accounts do not run with Root privileges.
Kiskaloo- A Cat of Many Talents
-
Forum Posts : 10984
Location : Seattle / Tokyo / Milan
Fan of : Angelica's Smile
Original Characters : Kara Michelle
Comments : The community's international man of mystery.
Registration date : 2008-09-11
Re: XP virus scare
Kiskaloo wrote:TTIO wrote:SPARTAN 119 wrote:This is one of those times I'm glad I have a Mac.
Should point out, Macs actually have worse security than Windows - it's just that they're so obscure as compared to Windows computers, people don't target them.
Not so for Linux...
OS X is based on a Unix kernel so, like Linux, it has benefitted from decades of "in service" use and was designed from the ground up with security in mind, unlike Windows.
Those "experts" and "studies" that claim OS X is a security nightmare are funded by companies like Symantec that sell OS X anti-virus software, so consider it's in the benefit to commission a study that gives those results.
It is difficult to infect an OS X and Linux system because by default user accounts do not run with Root privileges.
My fluency in technobabble is limited, but from the sound of it, Mac OS X security actually is pretty good.
But, regardless, my point remains, most of the people who create Mac viruses probably have a specific target in mind, it is much less likely for a Mac virus to be created by some guy who just creates a virus for "mass distribution" for a laugh. There just aren't enough targets.
SPARTAN 119-
Forum Posts : 574
Registration date : 2009-08-24
Re: XP virus scare
SPARTAN 119 wrote:But, regardless, my point remains, most of the people who create Mac viruses probably have a specific target in mind, it is much less likely for a Mac virus to be created by some guy who just creates a virus for "mass distribution" for a laugh. There just aren't enough targets.
True. There are exploits designed to attack OS X. But almost all, if not all, of them require active user intervention (download a file, install it, and give that file access to the Root folder).
With Windows, so much code can be executed in the background that it's much easier for an infection to find a vector into the system without active user intervention.
User Account Control on Vista and Windows 7 is a good idea. However, it was terribly executed in Vista, requiring you to darn near type in your password just to hit the CapsLock key. As such, most everyone immediately turned it off.
For Windows 7, UAC offers more granularity and can be configured similar to OS X's default, where you're only prompted for your password when installing an application or when a program needs access to the Root folder. However, with the bad experience users had with it under Vista, most people disable it in Win7, as well.
Kiskaloo- A Cat of Many Talents
-
Forum Posts : 10984
Location : Seattle / Tokyo / Milan
Fan of : Angelica's Smile
Original Characters : Kara Michelle
Comments : The community's international man of mystery.
Registration date : 2008-09-11
Re: XP virus scare
Kiskaloo wrote:OS X is based on a Unix kernel so, like Linux, it has benefitted from decades of "in service" use and was designed from the ground up with security in mind, unlike Windows.
Those "experts" and "studies" that claim OS X is a security nightmare are funded by companies like Symantec that sell OS X anti-virus software, so consider it's in the benefit to commission a study that gives those results.
It is difficult to infect an OS X and Linux system because by default user accounts do not run with Root privileges.
I was under the impression that whilst the kernel was written with good security, the processes/services etc. are not necessarily the same way (iTunes for example, regularly crashes my w7 computer. Though granted, that may have something to do with it not liking ext3 drivers. But no other program crashes due to ext3 :p)
But you undoubtedly know a lot more about OSX than me - I just love my Linux <3
TTIO- CEO of Cheese Pie Inc.
-
Forum Posts : 1111
Location : Eng.
Fan of : Triela!
Original Characters : Keetha & Alcide
Registration date : 2008-07-02
Re: XP virus scare
TTIO wrote:Kiskaloo wrote:OS X is based on a Unix kernel so, like Linux, it has benefitted from decades of "in service" use and was designed from the ground up with security in mind, unlike Windows.
Those "experts" and "studies" that claim OS X is a security nightmare are funded by companies like Symantec that sell OS X anti-virus software, so consider it's in the benefit to commission a study that gives those results.
It is difficult to infect an OS X and Linux system because by default user accounts do not run with Root privileges.
I was under the impression that whilst the kernel was written with good security, the processes/services etc. are not necessarily the same way (iTunes for example, regularly crashes my w7 computer. Though granted, that may have something to do with it not liking ext3 drivers. But no other program crashes due to ext3 :p)
But you undoubtedly know a lot more about OSX than me - I just love my Linux <3
I enjoy my Solaris 10.....when I'm not gaming.
Nuke is Good-
Forum Posts : 326
Location : New Jersey
Fan of : Henrietta
Original Characters : Rc v1
Registration date : 2008-04-10
Re: XP virus scare
Well iTunes under Windows is a different beast than under OS X. That being said, it is far past time for Apple to have re-written iTunes from Carbon to Cocoa, but that's another rant for another time.
Kiskaloo- A Cat of Many Talents
-
Forum Posts : 10984
Location : Seattle / Tokyo / Milan
Fan of : Angelica's Smile
Original Characters : Kara Michelle
Comments : The community's international man of mystery.
Registration date : 2008-09-11
Re: XP virus scare
Nuke is Good wrote:I enjoy my Solaris 10.....when I'm not gaming.
Harsh, man, harsh. But true :p
I have a gaming PC that runs only Windows (with Fedora as a recovery OS), and my laptop has to use windows as I still haven't got the wifi working on Linux
But ssh. I still love it :p
TTIO- CEO of Cheese Pie Inc.
-
Forum Posts : 1111
Location : Eng.
Fan of : Triela!
Original Characters : Keetha & Alcide
Registration date : 2008-07-02
Re: XP virus scare
I found one of many sites pushing such viruses. It tried to attack my Mac. It failed. I lol'd!
It is as exactly as described on this thread.
DO NOT CLICK ON LINK! IT CONTAINS A VIRUS!
http://webavpro-s.co.cc/scan/?key=lRp2At8_qYjus4VrpsEQx_kqvYD0ouipkVGhNxyTx8w~
DO NOT CLICK ON LINK! IT CONTAINS A VIRUS!
It is as exactly as described on this thread.
DO NOT CLICK ON LINK! IT CONTAINS A VIRUS!
http://webavpro-s.co.cc/scan/?key=lRp2At8_qYjus4VrpsEQx_kqvYD0ouipkVGhNxyTx8w~
DO NOT CLICK ON LINK! IT CONTAINS A VIRUS!
ElfenMagix-
Forum Posts : 5682
Location : NYC NY, USA
Fan of : Pia, Elsa, Cleas, Triela...
Original Characters : Fernando & Rachel, Felix & Francesca
Comments : He has super powers. He is God.
Registration date : 2007-09-21
Re: XP virus scare
My computer currently has more viruses in it than a harem/soup kitchen hybrid!
Five_X-
Forum Posts : 695
Location : Canada
Fan of : Rico!
Original Characters : Jessi, Ed, Ralph and Mal
Comments : President of the Ilya Fanclub.
Registration date : 2009-09-30
Re: XP virus scare
Piracy is a good way to get slammed with viruses and whatnot.
Ironically, I was looking for an image of WinXP Pro to replace my scratched original with. Not exactly piracy, but yes, trolling the net for torrents has it's dangers.
maverick375-
Forum Posts : 826
Location : Ohio
Fan of : manga
Original Characters : Jamie
Comments : GUNS!!!! MUWAHAHA
Oh, and swords. Swords are kewl too.
Registration date : 2009-03-20
Re: XP virus scare
Got hit by this in the past 24 hours, managed to restore myself back onto the internet, but I am now running MalwareBytes, Avast, and Secunia PSI as well as MS Security Essentials. however, I now cannot activate any automatic updates for some reason, and MSSE cannot update its definitions. the admin profile is also the only available profile. any suggestions?
MP5-
Forum Posts : 1767
Location : Columbia, PA
Fan of : Sandro/Petra Fratello *dodges bullets*; Michael and Jamie Christiansen
Original Characters : Allison-Brian McDonnell Fratello
Comments : You gotta ask the cutie before you touch dat booty.
Registration date : 2010-02-01
Your character
OC genger: 40
Re: XP virus scare
You might have to go in and edit the remnants of the virus from the registry. information on that here.
I personally don't use the windows auto-update since it has screwed things up more than once if left to itself. if you're talking about the anti-virus software autoupdates, I'm not sure that you can fix those without reinstalling them. If I recall correctly, spybot detects changes in the autoupdate and other security center registry entries and flags them, even if you purposely disable them.
The biggest pain of that virus is how effectively it cripples the access to anything that works against it. If you have access to the net and other software, then you can beat it. It just takes time.
I personally don't use the windows auto-update since it has screwed things up more than once if left to itself. if you're talking about the anti-virus software autoupdates, I'm not sure that you can fix those without reinstalling them. If I recall correctly, spybot detects changes in the autoupdate and other security center registry entries and flags them, even if you purposely disable them.
The biggest pain of that virus is how effectively it cripples the access to anything that works against it. If you have access to the net and other software, then you can beat it. It just takes time.
maverick375-
Forum Posts : 826
Location : Ohio
Fan of : manga
Original Characters : Jamie
Comments : GUNS!!!! MUWAHAHA
Oh, and swords. Swords are kewl too.
Registration date : 2009-03-20
Re: XP virus scare
MP5 wrote:Got hit by this in the past 24 hours, managed to restore myself back onto the internet, but I am now running MalwareBytes, Avast, and Secunia PSI as well as MS Security Essentials.
To be perfectly honest with you, the chances of them doing anything are slim. And they'll likely interfere with each other.
Anti-viruses are often definition based - they guard against viruses that the writers know about. Sometimes the lists are quite large (see www.securelist.com for Kaspersky's), but the most dangerous attacks the new ones.
Get something with a decent proactive defense (Kaspersky or Comodo Firewall are the ones that I would recommend) and then read whatever it tells you and don't let through suspicious stuff. If a game wants control of your monitor, or your speakers, then fair enough - but if a text editing program wants it, don't let it through. That sort of thing.
That'll give you more protection than any anti-virus (NB I don't use an anti-virus anymore. Just Comodo Firewall and proactive defense).
And if it's too awkward to fix XP now, just reinstall. That's what I did the one occasion I got such a virus
TTIO- CEO of Cheese Pie Inc.
-
Forum Posts : 1111
Location : Eng.
Fan of : Triela!
Original Characters : Keetha & Alcide
Registration date : 2008-07-02
Re: XP virus scare
Honestly, if you got hit really bad with a virus I recommend reinstalling Windows.
If you have Sophos thats a good antivirus, its extremely sensitive that approaches false positive territory. But its for the Corporate setting so it runs only on one computer in my house.
If you have Sophos thats a good antivirus, its extremely sensitive that approaches false positive territory. But its for the Corporate setting so it runs only on one computer in my house.
Nuke is Good-
Forum Posts : 326
Location : New Jersey
Fan of : Henrietta
Original Characters : Rc v1
Registration date : 2008-04-10
Re: XP virus scare
Argh, got hit by it again. And now whenever I try to open .exe files, I'm asked to select which file to use to open each with, every time, which means I can't correctly access most programs on my computer.
Five_X-
Forum Posts : 695
Location : Canada
Fan of : Rico!
Original Characters : Jessi, Ed, Ralph and Mal
Comments : President of the Ilya Fanclub.
Registration date : 2009-09-30
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum