XP virus scare


XP virus scare

Post by maverick375 on Thu 7 Apr 2011 - 10:13

Hey. Just had a fun night and morning with the latest virus going around for Win XP (there's a version for Win7 too). XP Security 2011, a work of art malware, I managed to pick up while trying to DL an image file. It locks out all virus scans and prevents access to the net by emulating the Windows security center. It fakes a scan, in which it picks up all kinds of fake viruses, and then prompts for you to "fix" it. When you click it, it wants you to enter your info to buy it, which of course is a ruse to get your info.
I've run into this before on coworkers' comps and simply did a format and re-install, but this was obviously not a choice on my own comp in the short term.
Fixes are complicated, as you can either get functionality restored and download (and buy) a sweeper that it's free, or do it manually, which involved registry editing.

There is, however, a somewhat easier way, though I'm still cleaning up after (just in case).
Apparently it has a weakness in that it has trouble infecting the Admin profile in XP (assuming you're not logged in under it). I was able to boot into my admin and load a restore point from two days ago, and it not only restored functionality, but I'm having trouble finding traces of the malware.
Obviously I'm spending the day cleaning the hell out of this thing, but I figured I'd send out a heads-up to my friends in case you use XP. If you're clean now, make sure you set up automatic restore points in the system and keep the Admin profile separate from your usual working environs.

-------------------------------------------------------------------------------


Glocks are not the shit. Glocks can fail the same as any other gun. I've seen it personally, and have even heard first-hand accounts of something as basic as a slide-retaining pin snapping, the slide flying off. Get over the obsession and buy what fits your hand, your wallet, and ability.

Re: XP virus scare

Post by hydra282 on Thu 7 Apr 2011 - 13:13

Sounds familiar.

Re: XP virus scare

Post by ElfenMagix on Thu 7 Apr 2011 - 16:23

I have been hit with that several times with it from summer of last year. Interesting, I must admit that they have been evolving the software for some time as the Virus scan itself would change to different names and page formats. So, it's been around for a while.

-------------------------------------------------------------------------------


If Fernando had Super Powers, He would be God!

Re: XP virus scare

Post by maverick375 on Thu 7 Apr 2011 - 17:14

Safe mode was also a little help in killing it. It's about the only way to gain entrance to regedit to manually delete the registry stuff. I got lucky in that my last restore was automatically done on Tuesday, so I didn't lose anything.


Re: XP virus scare

Post by FearTheLASERFACE on Thu 7 Apr 2011 - 17:24

I've been hit by this before, as well as my parents. I've beaten it every time so far. The only real thing that ever actually ended up beyond my understanding was when my PC simply broke down. Apparently, I mashed the power button instead of safely turning it off too much, so it screwed up Razz.

Re: XP virus scare

Post by Five_X on Thu 7 Apr 2011 - 18:45

I've had this one before. I just found the file and deleted it, and did a registry clean/fix to make sure everything was in working order.

Still doesn't explainen vhy I can't view Cyborg Centralhausen without ein proxy, though.

-------------------------------------------------------------------------------



"The scoreboard looks like baseball, the start looks like bowling, and the rest looks like cleaning the kitchen floors." - rustyspring on curling

"The world will listen to me!" - Makoto Itou, butchered translation of School Days

"Bullshit! I want healthy Arf back!" - Piero, on Nanoha season three

Re: XP virus scare

Post by crazyidiot78 on Fri 8 Apr 2011 - 0:33

I got something like that on my PC. Defender.exe which shuts down malware bytes and kasperskys all while saying that multiple viruses are threatening your computer. Managed to get malware to clear it out.

Re: XP virus scare

Post by Alfisti on Fri 8 Apr 2011 - 2:37

@crazyidiot78 wrote:I got something like that on my PC. Defender.exe which shuts down malware bytes and kasperskys all while saying that multiple viruses are threatening your computer. Managed to get malware to clear it out.

I think I got that one, or at least a derivative of it a little while ago. Shut down the virus busters, hid files and disallowed access to the internet... then shut the computer down periodically with the message "RAM temperature critical". Eventually I found that Nortons would block it just long enough for Malwarebytes to remove it. Nortons would only remove part of it and it'd re-install each time the computer shut itself down.

-------------------------------------------------------------------------------


Your lack of planning does not constitute my emergency.

Re: XP virus scare

Post by SPARTAN 119 on Fri 8 Apr 2011 - 4:13

This is one of those times I'm glad I have a Mac.

Re: XP virus scare

Post by Triela on Fri 8 Apr 2011 - 8:41

@SPARTAN 119 wrote:This is one of those times I'm glad I have a Mac.



-------------------------------------------------------------------------------


  AWWWWW YEAHHHH

Re: XP virus scare

Post by Nuke is Good on Fri 8 Apr 2011 - 13:36

Piracy is a good way to get slammed with viruses and whatnot.

Re: XP virus scare

Post by TTIO on Sat 9 Apr 2011 - 14:59

@SPARTAN 119 wrote:This is one of those times I'm glad I have a Mac.

Should point out, Macs actually have worse security than Windows - it's just that they're so obscure as compared to Windows computers, people don't target them.
Not so for Linux (downside of your desktop OS being one of the most popular server OSs as well), but then, the security on Linux is very good. Heck, you can't log in as an admin on most desktop versions, unless through the terminal (or if you go through and allow root as a logon-able account. If you do that, you probably know what you're doing. Still a bad idea though).

Linux still ftw! Very Happy

-------------------------------------------------------------------------------




The Eagle

He clasps the crag with crooked hands;
Close to the sun in lonely lands,
Ring'd with the azure world, he stands.

The wrinkled sea beneath him crawls;
He watches from his mountain walls,
And like a thunderbolt he falls.

Alfred Tennyson - 1851

Re: XP virus scare

Post by Kiskaloo on Sat 9 Apr 2011 - 15:12

@TTIO wrote:
@SPARTAN 119 wrote:This is one of those times I'm glad I have a Mac.

Should point out, Macs actually have worse security than Windows - it's just that they're so obscure as compared to Windows computers, people don't target them.

Not so for Linux...

OS X is based on a Unix kernel so, like Linux, it has benefitted from decades of "in service" use and was designed from the ground up with security in mind, unlike Windows.

Those "experts" and "studies" that claim OS X is a security nightmare are funded by companies like Symantec that sell OS X anti-virus software, so consider it's in the benefit to commission a study that gives those results. Wink

It is difficult to infect an OS X and Linux system because by default user accounts do not run with Root privileges.

-------------------------------------------------------------------------------


What? I like donuts! - Betty Suarez
If I die before my time, go on Oprah and tell the world 'I liked kittens'. - Veronica Mars
Scissors of victory! - Yui Hirasawa

Re: XP virus scare

Post by SPARTAN 119 on Sat 9 Apr 2011 - 15:54

@Kiskaloo wrote:
@TTIO wrote:
@SPARTAN 119 wrote:This is one of those times I'm glad I have a Mac.

Should point out, Macs actually have worse security than Windows - it's just that they're so obscure as compared to Windows computers, people don't target them.

Not so for Linux...

OS X is based on a Unix kernel so, like Linux, it has benefitted from decades of "in service" use and was designed from the ground up with security in mind, unlike Windows.

Those "experts" and "studies" that claim OS X is a security nightmare are funded by companies like Symantec that sell OS X anti-virus software, so consider it's in the benefit to commission a study that gives those results. Wink

It is difficult to infect an OS X and Linux system because by default user accounts do not run with Root privileges.

My fluency in technobabble is limited, but from the sound of it, Mac OS X security actually is pretty good.

But, regardless, my point remains, most of the people who create Mac viruses probably have a specific target in mind, it is much less likely for a Mac virus to be created by some guy who just creates a virus for "mass distribution" for a laugh. There just aren't enough targets.

Re: XP virus scare

Post by Kiskaloo on Sat 9 Apr 2011 - 16:01

@SPARTAN 119 wrote:But, regardless, my point remains, most of the people who create Mac viruses probably have a specific target in mind, it is much less likely for a Mac virus to be created by some guy who just creates a virus for "mass distribution" for a laugh. There just aren't enough targets.

True. There are exploits designed to attack OS X. But almost all, if not all, of them require active user intervention (download a file, install it, and give that file access to the Root folder).

With Windows, so much code can be executed in the background that it's much easier for an infection to find a vector into the system without active user intervention.

User Account Control on Vista and Windows 7 is a good idea. However, it was terribly executed in Vista, requiring you to darn near type in your password just to hit the CapsLock key. Razz As such, most everyone immediately turned it off.

For Windows 7, UAC offers more granularity and can be configured similar to OS X's default, where you're only prompted for your password when installing an application or when a program needs access to the Root folder. However, with the bad experience users had with it under Vista, most people disable it in Win7, as well.


Re: XP virus scare

Post by TTIO on Sat 9 Apr 2011 - 16:04

@Kiskaloo wrote:OS X is based on a Unix kernel so, like Linux, it has benefitted from decades of "in service" use and was designed from the ground up with security in mind, unlike Windows.

Those "experts" and "studies" that claim OS X is a security nightmare are funded by companies like Symantec that sell OS X anti-virus software, so consider it's in the benefit to commission a study that gives those results. Wink

It is difficult to infect an OS X and Linux system because by default user accounts do not run with Root privileges.

I was under the impression that whilst the kernel was written with good security, the processes/services etc. are not necessarily the same way (iTunes for example, regularly crashes my w7 computer. Though granted, that may have something to do with it not liking ext3 drivers. But no other program crashes due to ext3 :p)

But you undoubtedly know a lot more about OSX than me - I just love my Linux <3


Re: XP virus scare

Post by Nuke is Good on Sat 9 Apr 2011 - 16:24

@TTIO wrote:
@Kiskaloo wrote:OS X is based on a Unix kernel so, like Linux, it has benefitted from decades of "in service" use and was designed from the ground up with security in mind, unlike Windows.

Those "experts" and "studies" that claim OS X is a security nightmare are funded by companies like Symantec that sell OS X anti-virus software, so consider it's in the benefit to commission a study that gives those results. Wink

It is difficult to infect an OS X and Linux system because by default user accounts do not run with Root privileges.

I was under the impression that whilst the kernel was written with good security, the processes/services etc. are not necessarily the same way (iTunes for example, regularly crashes my w7 computer. Though granted, that may have something to do with it not liking ext3 drivers. But no other program crashes due to ext3 :p)

But you undoubtedly know a lot more about OSX than me - I just love my Linux <3

I enjoy my Solaris 10.....when I'm not gaming.

Re: XP virus scare

Post by Kiskaloo on Sat 9 Apr 2011 - 20:11

Well iTunes under Windows is a different beast than under OS X. That being said, it is far past time for Apple to have re-written iTunes from Carbon to Cocoa, but that's another rant for another time. Smile


Re: XP virus scare

Post by TTIO on Sun 10 Apr 2011 - 3:00

@Nuke is Good wrote:I enjoy my Solaris 10.....when I'm not gaming.

Harsh, man, harsh. But true :p
I have a gaming PC that runs only Windows (with Fedora as a recovery OS), and my laptop has to use windows as I still haven't got the wifi working on Linux bang head

But ssh. I still love it :p


Re: XP virus scare

Post by ElfenMagix on Tue 12 Apr 2011 - 23:58

I found one of many sites pushing such viruses. It tried to attack my Mac. It failed. I lol'd!

It is exactly as described on this thread.

DO NOT CLICK ON LINK! IT CONTAINS A VIRUS!
http://webavpro-s.co.cc/scan/?key=lRp2At8_qYjus4VrpsEQx_kqvYD0ouipkVGhNxyTx8w~
DO NOT CLICK ON LINK! IT CONTAINS A VIRUS!


Re: XP virus scare

Post by Five_X on Wed 13 Apr 2011 - 3:14

My computer currently has more viruses in it than a harem/soup kitchen hybrid!


Re: XP virus scare

Post by maverick375 on Sat 16 Apr 2011 - 18:43

@Nuke is Good wrote:Piracy is a good way to get slammed with viruses and whatnot.

Ironically, I was looking for an image of WinXP Pro to replace my scratched original with. Not exactly piracy, but yes, trolling the net for torrents has its dangers.


Re: XP virus scare

Post by MP5 on Sat 16 Apr 2011 - 19:00

Got hit by this in the past 24 hours, managed to restore myself back onto the internet, but I am now running MalwareBytes, Avast, and Secunia PSI as well as MS Security Essentials. However, I now cannot activate any automatic updates for some reason, and MSSE cannot update its definitions. The admin profile is also the only available profile. Any suggestions?

-------------------------------------------------------------------------------


I aim to misbehave.




Re: XP virus scare

Post by maverick375 on Sat 16 Apr 2011 - 19:58

You might have to go in and edit the remnants of the virus from the registry. Information on that here.

I personally don't use the Windows auto-update since it has screwed things up more than once if left to itself. If you're talking about the anti-virus software autoupdates, I'm not sure that you can fix those without reinstalling them. If I recall correctly, Spybot detects changes in the autoupdate and other security center registry entries and flags them, even if you purposely disable them.

The biggest pain of that virus is how effectively it cripples the access to anything that works against it. If you have access to the net and other software, then you can beat it. It just takes time.


Re: XP virus scare

Post by TTIO on Sun 17 Apr 2011 - 16:01

@MP5 wrote:Got hit by this in the past 24 hours, managed to restore myself back onto the internet, but I am now running MalwareBytes, Avast, and Secunia PSI as well as MS Security Essentials.

To be perfectly honest with you, the chances of them doing anything are slim. And they'll likely interfere with each other.
Anti-viruses are often definition based - they guard against viruses that the writers know about. Sometimes the lists are quite large (see www.securelist.com for Kaspersky's), but the most dangerous attacks are the new ones.

Get something with a decent proactive defense (Kaspersky or Comodo Firewall are the ones that I would recommend) and then read whatever it tells you and don't let through suspicious stuff. If a game wants control of your monitor, or your speakers, then fair enough - but if a text editing program wants it, don't let it through. That sort of thing.
That'll give you more protection than any anti-virus (NB I don't use an anti-virus anymore. Just Comodo Firewall and proactive defense).

And if it's too awkward to fix XP now, just reinstall. That's what I did the one occasion I got such a virus Razz


Re: XP virus scare

Post by Nuke is Good on Sun 17 Apr 2011 - 16:21

Honestly, if you got hit really bad with a virus I recommend reinstalling Windows.

If you have Sophos that's a good antivirus, it's extremely sensitive that approaches false positive territory. But it's for the Corporate setting so it runs only on one computer in my house.

Re: XP virus scare

Post by Five_X on Sun 1 May 2011 - 15:28

Argh, got hit by it again. And now whenever I try to open .exe files, I'm asked to select which file to use to open each with, every time, which means I can't correctly access most programs on my computer.

-------------------------------------------------------------------------------



"The scoreboard looks like baseball, the start looks like bowling, and the rest looks like cleaning the kitchen floors." - rustyspring on curling

"The world will listen to me!" - Makoto Itou, butchered translation of School Days

"Bullshit! I want healthy Arf back!" - Piero, on Nanoha season three
avatar
Five_X

Male

Forum Posts : 695

Location : Canada

Fan of : Rico!

Original Characters : Jessi, Ed, Ralph and Mal

Comments : President of the Ilya Fanclub.

Registration date : 2009-09-30

Back to top Go down

Re: XP virus scare

Post by Sponsored content


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum
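Added example, not part of any post in this thread: the symptom in the last post (Windows asking which program should open every .exe) is consistent with a changed or broken .exe file association, one of the registry remnants the manual cleanup mentioned earlier has to deal with. The Python check below reads the text of a registry export and reports every .exe handler that differs from the stock Windows values; the sample export, the ProgID `placeholderfile` and the path in it are constructed, and the assumption is that the export covers the Classes keys.

```python
import re

# Stock Windows values for running .exe files (general Windows facts, not from the thread).
EXPECTED_PROGID = "exefile"
EXPECTED_COMMAND = '"%1" %*'
ROOTS = (
    r"HKEY_CURRENT_USER\Software\Classes",   # per-user entries override the machine ones
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Classes",
    r"HKEY_CLASSES_ROOT",
)
_VALUE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')

# Constructed sample export: the per-user hive redirects .exe to a made-up ProgID.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe]
@="exefile"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CURRENT_USER\Software\Classes\.exe]
@="placeholderfile"

[HKEY_CURRENT_USER\Software\Classes\placeholderfile\shell\open\command]
@="\"C:\\placeholder\\unknown.exe\" \"%1\" %*"
'''


def _unquote(s):
    """Decode a quoted .reg string; return None for non-string data (dword:, hex:)."""
    if len(s) < 2 or not (s.startswith('"') and s.endswith('"')):
        return None
    return re.sub(r"\\(.)", r"\1", s[1:-1])   # undo the \\ and \" escapes


def parse_reg(text):
    """Parse export text into {key_lowercase: {value_name_lowercase: string_data}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
            continue
        m = _VALUE.match(line)
        if current is None or not m:
            continue
        name = "" if m.group(1) == "@" else _unquote(m.group(1))   # "" = (Default)
        data = _unquote(m.group(2))
        if data is not None:
            current[name.lower()] = data
    return keys


def audit_exe_association(keys):
    """Return (key, found, expected) for every .exe handler that is not the default."""
    findings = []
    for root in ROOTS:
        progid = keys.get((root + r"\.exe").lower(), {}).get("")
        if progid is not None and progid.lower() != EXPECTED_PROGID:
            findings.append((root + r"\.exe", progid, EXPECTED_PROGID))
        # Check the stock ProgID and whatever ProgID .exe currently points at.
        for pid in dict.fromkeys([EXPECTED_PROGID, (progid or EXPECTED_PROGID).lower()]):
            cmd_key = root + "\\" + pid + r"\shell\open\command"
            cmd = keys.get(cmd_key.lower(), {}).get("")
            if cmd is not None and cmd != EXPECTED_COMMAND:
                findings.append((cmd_key, cmd, EXPECTED_COMMAND))
    return findings


if __name__ == "__main__":
    for key, found, expected in audit_exe_association(parse_reg(SAMPLE_EXPORT)):
        print(f"{key}\n  found:    {found}\n  expected: {expected}")
```

Registry exports in the "Version 5.00" format are UTF-16 text, so read a real one with `open(path, encoding="utf-16")` before passing its contents to `parse_reg`.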