Free Republic

Win XP Virus got me. Not Sure how/where
1/30/12 | Don

Posted on 01/30/2012 5:07:43 PM PST by Don@VB

Booted up my Acer Aspire One with Win XP and found this Win XP virus. Have Microsoft Security Essentials running and up to date and it got thru. Don't know how but it disabled most applications so could not run virus scan. Everything backed up but still a hassle. It's out there, any tips on avoiding this appreciated.


TOPICS: Computers/Internet
KEYWORDS: virus

1 posted on 01/30/2012 5:07:51 PM PST by Don@VB

To: Don@VB

I consider myself an expert in computer science. Here is my advice:

Steps to better computing:

1. Ram your fist through your computer monitor.
2. Go to hospital.
3. Buy a new computer.


2 posted on 01/30/2012 5:11:23 PM PST by Apollo5600

To: Don@VB

Do you have ‘Malwarebytes’ anti-virus?


3 posted on 01/30/2012 5:12:55 PM PST by patriot08 (TEXAS GAL- born and bred and proud of it!)

To: Don@VB

Boot your machine in Safe Mode. Run MalwareBytes, full scan. You may need to right click and run this as administrator. Should take care of it.


4 posted on 01/30/2012 5:13:30 PM PST by sjm_888

To: Don@VB

Three easy letters that will change your life forever.
MAC

(full disclosure, I own Apple stock that has paid for all my devices. YMMV)


5 posted on 01/30/2012 5:15:21 PM PST by coldbluesteel (Endo)

To: Don@VB

MS Essentials? (sigh) Another “it’s a free AV! what could possibly go wrong?” moment.


6 posted on 01/30/2012 5:15:25 PM PST by max americana (Buttcrack Obama is an idiot)

To: Don@VB

Do you have a second online computer to download a program on to a flash drive with?


7 posted on 01/30/2012 5:18:06 PM PST by ansel12 (Romney is unquestionably the weakest party front-runner in contemporary political history.)

To: coldbluesteel

There is more and more Mac specific malware out there, and more coming every day.

Something to check out is Sophos software’s anti-malware. It’s free to home users.

While most people have never heard of Sophos, it’s been quietly protecting corporate networks for decades, and doing a terrific job too.

Mark


8 posted on 01/30/2012 5:18:50 PM PST by MarkL (Do I really look like a guy with a plan?)

To: sjm_888

Post Script to story. I reformatted back to factory settings and had most stuff backed up. Thought MS Essentials would at least flag it.


9 posted on 01/30/2012 5:19:21 PM PST by Don@VB (Power Corrupts)

To: sjm_888

“Boot your machine in Safe Mode. Run MalwareBytes, full scan. You may need to right click and run this as administrator. Should take care of it.”

I used to work for Norton and Cyberdefender in a past life. One thing I witnessed was a TDL4 rootkit knock out Malwarebytes (PRO version), the customer’s AVG paid version (he insisted AVG was better), and locked the system for no system restore. Amazing piece of work who made it..but there was a solution without throwing the laptop out the window.


10 posted on 01/30/2012 5:20:59 PM PST by max americana (Buttcrack Obama is an idiot)

To: Don@VB

http://www.bleepingcomputer.com/forums/forum103.html


11 posted on 01/30/2012 5:21:19 PM PST by big bad easter bunny

To: coldbluesteel
Three Five easy letters that will change your life forever: MAC LINUX.

There, I fixed it...

12 posted on 01/30/2012 5:22:20 PM PST by RobertClark ("Governments are instituted among Men, deriving their just powers from the consent of the governed")

To: Don@VB

1) Use Avast (free) for anti-virus

2) Use MalWareBytes (free) for spyware

3) Stay away from porn sites (caught ya, didn’t I?)


13 posted on 01/30/2012 5:23:18 PM PST by Eccl 10:2

To: coldbluesteel

"Three easy letters that will change your life forever. MAC"

Yeah, nobody's ever gonna pick on Apple. /s

14 posted on 01/30/2012 5:23:59 PM PST by the invisib1e hand (religion + guns = liberty.)

To: Don@VB

Romney porn will get you every time. It’s nasty stuff!


15 posted on 01/30/2012 5:24:39 PM PST by TSgt (Suppose you were an idiot and suppose you were a member of Congress. But I repeat myself.)

To: Don@VB

For next time:

-Hit F8 and boot into safe mode with networking
-Once up, go to System Restore - Start | Programs | Accessories | System Tools | System Restore
-Follow the prompts, and choose a restore point on a date before the infestation.
-System will restore and reboot normally. You should be rid of the virus/malware.


16 posted on 01/30/2012 5:25:26 PM PST by mkleesma (`Call to me, and I will answer you and tell you great and unsearchable things you do not know.')

To: Don@VB

I have a few Windows boxes at the office out of necessity (US Gov’t EAC and DPS won’t run on Linux or Unix). I installed Sophos and Spybot and have had no problems. I like that Spybot comes with a clone file already intact to allow it to run even when Spybot and AV is blocked by the virus or worm or trojan. But at the end of the day, I retire to my trusty Linux box and smile..


17 posted on 01/30/2012 5:26:54 PM PST by RobertClark ("Governments are instituted among Men, deriving their just powers from the consent of the governed")

To: Eccl 10:2

Avast and Malwarebytes are great, I also use Advanced system care too.


18 posted on 01/30/2012 5:27:21 PM PST by Mmogamer (I refudiate the lamestream media, leftists and their prevaricutions.)

To: Don@VB

The best thing to try is to reboot the computer into safe mode with networking, so you’ll have access to the Internet.

Next, disable “System Restore.” This is the option that lets you restore the system to the last believed good configuration. The problem is that quite a bit of malware infects this system, so when you do a “restore” your computer is automatically reinfected.

Go to http://www.malwarebytes.org . Download the free edition, install it, then make sure it’s up to date. The next step is to run a full scan.

Hopefully that will take care of you. If not, something else you might try is going to another computer and downloading the Kaspersky rescue disk and burn it to a CD. Then boot the computer from that CD and follow the instructions. It’s the best way to go, since (other than a root kit) there’s no way for the malware to hide... The Kaspersky disk actually boots to a version of linux. Then buy a copy of the software - IMHO Kaspersky is as good as it gets.

Mark


19 posted on 01/30/2012 5:29:02 PM PST by MarkL (Do I really look like a guy with a plan?)

To: Eccl 10:2

I agree on the Avast and Malwarebytes if you’re running MS. Have had many corporate clients lately getting a nasty bug that masquerades as an antivirus. If you’re using Norton or McAfee, do not trust the automatic updates...do it manually at least once a week.


20 posted on 01/30/2012 5:30:02 PM PST by coolbreeze (giving money and power to government is like giving whiskey and car keys to teen-age boys.)

To: max americana

Yes, it’s free and yes I’m a cheapskate, however, I followed advice from Freepers. Quite a few think/thought MSE was #1. Hope they can chime in!


21 posted on 01/30/2012 5:30:15 PM PST by Don@VB (Power Corrupts)

To: Don@VB

I got one of those on a borrowed computer.. it had to be reinstalled... I was in trouble..


22 posted on 01/30/2012 5:31:08 PM PST by GeronL (The Right to Life came before the Right to Pursue Happiness)

To: Don@VB

The strongest and best antivirus software is called Prevx, www.prevx.com.


23 posted on 01/30/2012 5:32:30 PM PST by varmintman

To: MarkL

+1 Sophos. Been on my MacBook for 2 years... caught a grand total of 2 things, both recently.


24 posted on 01/30/2012 5:33:43 PM PST by Keith in Iowa (Willard Romney, purveyor of the world's finest bullmitt. | FR Class of 1998 |)

To: RobertClark

That may be more than some can handle psychologically but no question it works. Ubuntu LINUX for people with complex software needs, Puppy LINUX for people who need the internet, word processing, and spreadsheets or who have older computers.


25 posted on 01/30/2012 5:35:33 PM PST by varmintman

To: mkleesma

"System Restore"

There are a great number of malware infections that actually install themselves into the "system restore." One of the first things I always do is disable the system restore to protect against the possibility.

I've also seen some that install themselves onto the hidden partition restore files, so when you tell the system to reset itself back to the factory default installation, the system will still be infected.

Mark

26 posted on 01/30/2012 5:35:49 PM PST by MarkL (Do I really look like a guy with a plan?)

To: RobertClark

Yes - Linux is great these days. Distrowatch.com is a great website for trying out various Linux distributions and it’s always a good idea to have a Linux liveCD around so you can at least boot your virus infected Windows computer and save all of your important files.


27 posted on 01/30/2012 5:35:49 PM PST by Maurice Tift (You can't stop the signal, Mal. You can never stop the signal.)

To: Don@VB

1. Push f8 repeatedly during startup before boot up
2. if you have adequate antivirus protection, select “safe mode”
if not, pick “safe mode with networking,” and download some.
3. get a program called “startup mechanic” this will instantly allow you to remove startup processes and thus keep viruses/trojans from starting up
4. you might need a rootkit virus detector and these new viruses hide in vital windows .sys and .dll processes and are difficult to detect.
5. KILL KILL KILL


28 posted on 01/30/2012 5:37:21 PM PST by struggle (http://killthegovernment.wordpress.com/)

To: Don@VB

I've seen some malware that installs itself onto the hidden partition restore files, so when you tell the system to wipe the disk and reset itself back to the factory default installation, the system will still be infected. Make sure you've got a selection of quality malware protection products.

Mark

29 posted on 01/30/2012 5:38:20 PM PST by MarkL (Do I really look like a guy with a plan?)

To: Eccl 10:2

>>3) Stay away from porn sites (caught ya, didn’t I?)

Porn sites aren’t the only thing that spread this anymore.

Try typing in goggle.com in your address bar sometime.


30 posted on 01/30/2012 5:39:12 PM PST by struggle (http://killthegovernment.wordpress.com/)

To: varmintman

"That may be more than some can handle psychologically but no question it works. Ubuntu LINUX for people with complex software needs, Puppy LINUX for people who need the internet, word processing, and spreadsheets or who have older computers."

Ubuntu has actually become very complete, as of 11.0. It installs nearly flawlessly on almost anything - ready to go with all drivers and all essential software (accepting a few third party drivers along the way, but it finds and installs them with permissions). I think presently, Ubuntu would be an easy transition for any Windows user. For me, Ubuntu server is indispensable and rock solid. Linux rocks!

31 posted on 01/30/2012 5:41:17 PM PST by RobertClark ("Governments are instituted among Men, deriving their just powers from the consent of the governed")

To: coolbreeze

There has been a nasty popup that claims your system is infected, and includes a dialog box. Even clicking the close (x) box on the popup loads the malware. Next thing you know you try to go to any site, either by CTRL-O or typing the URL, you get directed somewhere else, and the sites get progressively offensive. The popup continues to show up, and asks for a credit card number to “renew your coverage”, so it’s a phishing scam as well. So if a popup shows up, don’t click on anything. SHUT DOWN YOUR SYSTEM IMMEDIATELY! Reboot in the safe mode, scan your system, including with Malwarebytes. As for McAfee, I have found it to be useless. I have been using Kaspersky, with updates released daily.
If it is really bad, boot in the safe mode, DOS prompt, and run Malwarebytes from the DOS prompt.


32 posted on 01/30/2012 5:44:50 PM PST by Fred Hayek (FUBO, the No Talent Pop Star pResident.)

To: Don@VB

Part of the problem is likely that there are just too many known vulnerabilities in older OS’s.. It may help to make sure you’re fully patched up to the last patches for XP. But the end is the end... And there won’t be more. There will always be risks for such machines, and they’ll need to be really strictly firewalled and locked down.


33 posted on 01/30/2012 5:45:11 PM PST by Ramius (Personally, I'd give us one chance in three. More tea anyone?)

To: Don@VB

Boot to F8 safemode

run system restore, pick last week

done.


34 posted on 01/30/2012 5:48:17 PM PST by omega4179 (Internet ID:FU░&#BO)

To: Ramius

The crappy “Windows Virus Protector” imitation virus sucks ass. I got it after a mistype of facebook and it popped up. Ctrl+Alt+Del’ed firefox but the sucker already installed through javascript or something.

It was a nasty rootkit virus, too, but now it’s dead. It’s just amazing the crap they make nowadays.


35 posted on 01/30/2012 5:50:23 PM PST by struggle (http://killthegovernment.wordpress.com/)

To: omega4179

A word of caution: I tried that with System Restore a few weeks ago and afterward Thunderbird mail would not even start. Search disclosed that System Restore has been known to corrupt the mail database. I recommend backing up your profile first.


36 posted on 01/30/2012 5:56:35 PM PST by bigbob

To: RobertClark

Linux is great! When running in a VM on a Mac!


37 posted on 01/30/2012 5:58:07 PM PST by coldbluesteel (Endo)

To: coldbluesteel

"Linux is great! When running in a VM on a Mac!"

I'll take that. You've gotta start somewhere - baby steps....

38 posted on 01/30/2012 5:59:48 PM PST by RobertClark ("Governments are instituted among Men, deriving their just powers from the consent of the governed")

To: Fred Hayek

YUP...That’s the one!....by the time I get to them, either malwarebytes kills it or I reload the system.
that will teach them to save work to the shared drive and stay off those funky web sites.


39 posted on 01/30/2012 6:07:19 PM PST by coolbreeze (giving money and power to government is like giving whiskey and car keys to teen-age boys.)

To: struggle

Avast caught it, why doesn’t google take it down?


40 posted on 01/30/2012 6:09:32 PM PST by ansel12 (Romney is unquestionably the weakest party front-runner in contemporary political history.)

To: Don@VB

Through the advice of my son, I downloaded Microsoft security essentials.

My advice - never use MSE again! Within 1 week I had a complete system meltdown! It was to the point that I had to lock myself out of the internet to prevent any more intrusions onto my computer. The only way I was able to save my computer was by booting into safe mode and doing a system restore to the point before I downloaded that security software.

It doesn’t work worth crap. Seriously I was unable to boot up my computer at all. Everything was missing! I had viruses and trojans totally wreaking havoc on my computer.

Get a different security software - if looking for free, my oldest son uses Avast and says it’s great. I use Norton since it’s free through my internet provider.


41 posted on 01/30/2012 6:09:58 PM PST by jcsjcm (This country was built on exceptionalism and individualism. In God we Trust - Laus Deo)

To: MarkL

Mark, didn’t know that. Thanx for tip!


42 posted on 01/30/2012 6:14:17 PM PST by Don@VB (Power Corrupts)

To: max americana

There is a very, very nasty thing out there now. File name VKNT.EXE Heur. Agent/ Gen-Whitebox. Apparently origin in Vietnam. My Super Anti-Spyware picked it up the other day. Trashed it before any damage to PC. I hope...


43 posted on 01/30/2012 6:34:05 PM PST by donozark (SAVE THE MANATEE! PUT THEM IN PENS SO THEY DON'T DAMAGE THE PROPS ON OUR YACHTS!)

To: Don@VB

I hear ya..

ALL of my rootkit and malware removers are free (OTL/OTS, DDS, Avenger, Combofix etc). I get my AV free from Avast in exchange for volunteering on the Avast forums as an “evangelist”. AV’s, even the paid ones are not foolproof that’s why but having a free version is like having a one night stand with a hot chick who might have the clap.


44 posted on 01/30/2012 6:40:23 PM PST by max americana (Buttcrack Obama is an idiot)

To: donozark

Heuristics are part of the full scan features of most paid AV’s. Every one of these bastards is unique. TDSS types can easily be killed by TDSSkiller, but TDSSk is useless against HJ or hijack types, which can be neutralized by GMER. GMER is useless against SSDT rootkits but Combofix can destroy it. I wish I could strangle the creators of these malwares..


45 posted on 01/30/2012 6:44:38 PM PST by max americana (Buttcrack Obama is an idiot)

To: Don@VB

Hey Don, just my two cents’ worth...I loaded Avast! a few years ago and I just love it. Also, I gave up using IE in any capacity and stick strictly to Firefox as a browser. I’m a happy camper!


46 posted on 01/30/2012 6:50:33 PM PST by gimme1ibertee ("Criticism......brings attention to an unhealthy state of things"-Winston Churchill)

To: Don@VB

Very true. Win XP is a virus.


47 posted on 01/30/2012 6:58:21 PM PST by familyop (We Baby Boomers are croaking in an avalanche of rotten politics smelled around the planet.)

To: gimme1ibertee

And you will be happier still tomorrow when Firefox 10 is released.


48 posted on 01/30/2012 6:59:53 PM PST by donozark (SAVE THE MANATEE! PUT THEM IN PENS SO THEY DON'T DAMAGE THE PROPS ON OUR YACHTS!)

To: Don@VB

"Don't know how but it disabled most applications so could not run virus scan."

Go to where the executable file for your virus software lives....that is, navigate to the directory where it is installed...then rename it "explorer.exe". (The virus usually needs explorer.exe to be left untouched) Then double click on your newly named program file and run a virus scan.

49 posted on 01/30/2012 7:21:43 PM PST by Bloody Sam Roberts (Do all He commands. Receive all He promises.)

To: gimme1ibertee

I used avast and got a virus there too, but I might couple it with Firefox.


50 posted on 01/30/2012 7:28:08 PM PST by Don@VB (Power Corrupts)

