
XP Antivirus '09 or Antivirus '09 users

NoStateofMind

Diamond Member
Don't. Quite simply. If you do not know, this is a phishing/fake antivirus software. Once installed it says you have a multitude of problems (LIES!!) and then says it can fix them, just put in your credit card number to pay for their "service" and all will be well. :disgust: Stay away and if you see anyone with this program, get them to run virus scans immediately. Just a heads up, I see this at least 2 times a week.
 
Yeah, I just had a friend drop his computer off and he's got it. It has totally f'ed his computer. It has blocked some of the popular anti-virus websites, too. It's looking for trendmicro.com at 127.0.0.1 for example.

I am currently at a loss, as I don't usually deal with this kind of stuff.
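
A check for the symptom described in the post above, as an added example that is not part of the thread: it parses a hosts file (for instance one copied off the disk while booted from a rescue CD) and flags security-vendor names pinned to a loopback or unspecified address. That the redirect is done through hosts-file entries is an assumption the post does not confirm; the sample file, the watch list and `av-vendor.example` are constructed.

```python
import ipaddress

# Constructed sample of a tampered hosts file (not taken from the thread's machine).
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
127.0.0.1       trendmicro.com www.trendmicro.com   # constructed entry
0.0.0.0         housecall.trendmicro.com
192.0.2.10      intranet.example
::1             localhost
not-an-ip       broken.example
"""

# Assumed watch list: names a cleanup needs to reach. Extend for your environment.
WATCHED_SUFFIXES = ("trendmicro.com", "av-vendor.example")
BENIGN_NAMES = {"localhost", "localhost.localdomain"}


def parse_hosts(text):
    """Yield (line_no, ip, [names]) for each valid entry, ignoring comments."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank line, comment, or address with no name
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address, not a usable entry
        yield line_no, ip, [n.lower().rstrip(".") for n in fields[1:]]


def find_blocked_names(text, watched=WATCHED_SUFFIXES):
    """Return (line_no, name, ip) for watched names pinned to a dead address."""
    findings = []
    for line_no, ip, names in parse_hosts(text):
        if not (ip.is_loopback or ip.is_unspecified):
            continue
        for name in names:
            if name in BENIGN_NAMES:
                continue
            # Match the domain itself or any subdomain, not mere string suffixes.
            if any(name == s or name.endswith("." + s) for s in watched):
                findings.append((line_no, name, str(ip)))
    return findings


if __name__ == "__main__":
    for line_no, name, ip in find_blocked_names(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} -> {ip}")
```
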
 
Originally posted by: bamacre
Yeah, I just had a friend drop his computer off and he's got it. It has totally f'ed his computer. It has blocked some of the popular anti-virus websites, too. It's looking for trendmicro.com at 127.0.0.1 for example.

I am currently at a loss, as I don't usually deal with this kind of stuff.

I cleaned one of these the other week. Search for VUNDO. It's a nasty little critter but it can be cleaned.

 
Originally posted by: KGBMAN
Originally posted by: bamacre
Yeah, I just had a friend drop his computer off and he's got it. It has totally f'ed his computer. It has blocked some of the popular anti-virus websites, too. It's looking for trendmicro.com at 127.0.0.1 for example.

I am currently at a loss, as I don't usually deal with this kind of stuff.

I cleaned one of these the other week. Search for VUNDO. It's a nasty little critter but it can be cleaned.

I'll take note of that 🙂 Thanks :thumbsup:
 
Originally posted by: PC Surgeon
Originally posted by: KGBMAN
Originally posted by: bamacre
Yeah, I just had a friend drop his computer off and he's got it. It has totally f'ed his computer. It has blocked some of the popular anti-virus websites, too. It's looking for trendmicro.com at 127.0.0.1 for example.

I am currently at a loss, as I don't usually deal with this kind of stuff.

I cleaned one of these the other week. Search for VUNDO. It's a nasty little critter but it can be cleaned.

I'll take note of that 🙂 Thanks :thumbsup:


Anytime. :beer:
 
Thanks guys. I am gonna look at his PC again tomorrow. Will report back. Also, the virus was even disallowing me to open/run the malwarebytes setup .exe. I even tried renaming it. Just wouldn't run.
 
Originally posted by: bamacre
Thanks guys. I am gonna look at his PC again tomorrow. Will report back. Also, the virus was even disallowing me to open/run the malwarebytes setup .exe. I even tried renaming it. Just wouldn't run.

The first step I took was to do an online scan (Housecall).
After that, I was able to run Malwarebytes, ComboFix and Super Antispyware.


 
Originally posted by: KGBMAN
The first step I took was to do an online scan (Housecall).
After that, I was able to run Malwarebytes, ComboFix and Super Antispyware.

Well, it isn't easy to do an online scan when it blocks access to online scanning sites. 😉

UBCD isn't working for me. It doesn't like the OEM XP install disk, and it's giving me 3 errors, (1) loadkey() failed, (2) closeHive() failed, and (3) several can't delete and can't copy files errors. And the files are its own files.

 
If you have a system that will burn an .ISO file to CD, try F-Secure's Rescue CD:

download link on this page

Boot the system from this CD and let it update & scan. F-Secure uses a couple antivirus engines, including Kaspersky's engine, and they're also known for their rootkit detection, so it should be worth a try.
 
Originally posted by: mechBgon
If you have a system that will burn an .ISO file to CD, try F-Secure's Rescue CD:

download link on this page

Boot the system from this CD and let it update & scan. F-Secure uses a couple antivirus engines, including Kaspersky's engine, and they're also known for their rootkit detection, so it should be worth a try.

Now this is working. Thank you, sir. :thumbsup:

Still scanning, but it has already found some malware. When it is done, I will boot back into Windows and see what's up, and try installing the malwarebytes app as well.

Edit:

Scan completed. 15 instances of malware found.

Reboot into Windows was successful, but apparently some of the Windows system files were infected and thus removed. I couldn't get an internet connection, and when I opened up Device Manager, it was completely blank. :laugh:

I am now running a Repair via the XP MCE install disk.


Edit2:

Repair process pretty much fixed everything. One thing though, IE would still not load any images (jpeg,gif). I had to reset all IE settings to default, and that fixed it.

Computer is out the door.

Thanks again everyone, and especially Mr. Computer Genius, mechBgon, for all the help. :thumbsup: :beer:
 
Originally posted by: KGBMAN
Originally posted by: PC Surgeon
Originally posted by: KGBMAN
Originally posted by: bamacre
Yeah, I just had a friend drop his computer off and he's got it. It has totally f'ed his computer. It has blocked some of the popular anti-virus websites, too. It's looking for trendmicro.com at 127.0.0.1 for example.

I am currently at a loss, as I don't usually deal with this kind of stuff.

I cleaned one of these the other week. Search for VUNDO. It's a nasty little critter but it can be cleaned.

I'll take note of that 🙂 Thanks :thumbsup:


Anytime. :beer:

I walked one of our users through cleaning this out last week. NOD32 + Spybot is a great combo. They said the programs and the popups stopped.
 