| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 117168 | 2011-04-05 10:41:00 | Is this a fake virus Alert? It has me worried. | Billy T (70) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1192242 | 2011-04-05 13:26:00 | Are you sure this is not one of the current crop of fake virus scams currently doing the rounds? I guessed it was of that genre from the start, but it seemed to have roots that went beyond just scaring people into paying money, I could not find a way to close the thing down and there was no easy way to kill it . It was a little more serious than a plain 'money for AV' scam too as it killed MWB and MSSE stone dead . Only Spybot survived and cleaned some registry entries, and that let me get a toe in . I still don't have the ability to auto-update MSSE yet but I'll get there . I'm running an ESET online scan now but at the present rate it will take 4-5 hours to finish so I'm going grab some shut-eye and take another look in the morning to see what Eset says . Thanks to all for help, advice and support . Believe it or not this is my first ever real malware/spyware infection in 15 years of being online at least 12/7 360 or so days per year! Cheers Billy 8-{) |
Billy T (70) | ||
| 1192243 | 2011-04-05 13:43:00 | But it could have been one of the nastier types mentioned in the link I gave. Between them they can apparently shut down pretty much everything, including Safe Mode! | Robin S_ (86) | ||
| 1192244 | 2011-04-05 19:58:00 | Is this it ? ( . bleepingcomputer . com/virus-removal/remove-desktop-security-2010" target="_blank">www . bleepingcomputer . com) . rkill will probably kill in in normal windows . I see the one I fixed (Windows Expansion system) the other week, is similar to one that you can get when you visit a site that was affected with this SQL injection hack that happened last week I think it was . You may have visited one of these sites |
Speedy Gonzales (78) | ||
| 1192245 | 2011-04-05 20:56:00 | No , it wasn't that, it looked 100% identical to the XP/MSSE pages Speedy, in fact if I didn't have a suspicious mind and also knew that you don't have to pay subscriptions for any of the related services for XP, plus if it hadn't been such a persistent and irritating pop-up, I would have sworn it was genuine. If they cut the popups to once every few days they'd probably catch more fish. Eset scanned for several hours and only found about 6 iterations of some joke virus hidden in an old USB disk archive. My only problem now is the automatic updates for MSSE are disabled so once I find the answer to that everything will be restored to normal. At the moment I have no clues as it is a fresh install of MSSE. Cheers Billy 8-{) May have already sorted this, according to my latest research having checked the box to update before a scheduled scan takes care of it. |
Billy T (70) | ||
| 1192246 | 2011-04-05 21:10:00 | Here it is (www.bleepingcomputer.com). Its called FakePAV. I could check it out with teamviewer from here. If you think its still on the system | Speedy Gonzales (78) | ||
| 1192247 | 2011-04-05 22:28:00 | Run something like Gmer too, maybe you have a rootkit as well | Agent_24 (57) | ||
| 1192248 | 2011-04-05 23:57:00 | So far so good today. The computer is running at full speed and with no apparent ill-effects, everything seems normal apart from MSE Update being off on the MSE control panel screen (but enabled via scan scheduling, which apparently overrides the control panel). I'm open to suggestions as to how I can fix the update blockage though. Would it be worth trying another uninstall/reinstall +update of MSE? My guess is that there could be a registry entry that is not playing nicely anymore, but I'm not going there unless it is unavoidable. Would a registry cleaner help perhaps? Ran CCleaner reg and it shows a stack of different issues, principally missing shared DLLs. Is it safe to let it do its thing? Cheers Billy 8-{) |
Billy T (70) | ||
| 1192249 | 2011-04-06 00:03:00 | Get malwarebytes and do a full scan. And run rkill in windows | Speedy Gonzales (78) | ||
| 1192250 | 2011-04-06 00:51:00 | Get malwarebytes and do a full scan. And run rkill in windows I have already updated and run MWB, but ran again with 0 results. Downloaded and ran rkill but the log showed nothing found. Everything seems OK apart from the block on automatic updates for MSE. Tried another manual update on MSE but it failed! makes me wonder if the scheduled "update before scanning" will fare any better. I'm back thinking about registry errors maybe. See my query above re CCleaner registry checker. Bummer! Cheers Billy 8-{) |
Billy T (70) | ||
| 1192251 | 2011-04-06 00:56:00 | Viruses often make changes to the registry to prevent anti-virus programs working properly. You may need to look up the virus you had and find out what changes are documented so you know how to reverse them... Symantec usually has what you need. |
Agent_24 (57) | ||
| 1 2 3 4 5 | |||||