Old 12-19-2011, 04:43 PM
 
1,423 posts, read 4,741,787 times
Reputation: 1936


I scanned (and scanned, and scanned again) and finally got my computer working after getting infected with a virus that wanted me to immediately register for Vista Security 2012. I knew that was a scam, but it had me locked out from doing anything else. Finally I got onto another computer, downloaded Rkill and a new version of Malwarebytes, and copied them onto my main computer while in safe mode. I got the computer to work.

But now in the scan results, it's showing some of the files as "allowed" and I can't remove them. Does anyone know why and what this means? The scan says I am ok, but then shows bad files "allowed."

http://i1227.photobucket.com/albums/ee437/Desiderata21/trojanmsg.jpg (broken link)

 
Old 12-19-2011, 05:14 PM
 
11,715 posts, read 36,462,364 times
Reputation: 7514
Try this: Microsoft Safety Scanner - Antivirus | Remove Spyware, Malware, Viruses Free

from a clean machine. It makes a bootable CD. Start the infected computer from that CD and let it scan. Sometimes the only way to get rid of something is to remove it while Windows isn't running.
 
Old 12-20-2011, 06:09 AM
 
Location: New Jersey
844 posts, read 2,719,112 times
Reputation: 660
Have you tried Malwarebytes? Free and it really works well.
 
Old 12-20-2011, 08:09 AM
 
7,375 posts, read 13,089,627 times
Reputation: 6974
You can individually select each item in MSE and have it remove the infection.
 
Old 12-20-2011, 08:09 AM
 
10,764 posts, read 18,121,609 times
Reputation: 10256
Download and run Malwarebytes for a second opinion, never rely on a single app.
 
Old 12-20-2011, 08:18 AM
 
Location: Jacksonville, FL
7,401 posts, read 8,061,931 times
Reputation: 5976
Dealing with this virus on my wife's laptop, and it's a huge PITA. Got the virus itself removed, but it somehow blocked the security center service from working at all. Spent 3 hours last night working on it, and will probably go another 3 tonight to get it sorted.

Btw, MSE and Malwarebytes were both running when the laptop got infected, with the latest updates on both, so those of you that haven't gotten it, watch yourselves. Not sure if it's a new version or what, but it stealthed its way in and royally screwed up the registry.
 
Old 12-20-2011, 08:24 AM
 
10,764 posts, read 18,121,609 times
Reputation: 10256
Quote:
Originally Posted by JimRom View Post
Dealing with this virus on my wife's laptop, and it's a huge PITA. Got the virus itself removed, but it somehow blocked the security center service from working at all. Spent 3 hours last night working on it, and will probably go another 3 tonight to get it sorted.

Btw, MSE and Malwarebytes were both running when the laptop got infected, with the latest updates on both, so those of you that haven't gotten it, watch yourselves. Not sure if it's a new version or what, but it stealthed its way in and royally screwed up the registry.
That's not at all out of the ordinary, almost all the infected PCs I get in my shop are running current AV apps when the infection occurs. Today's antivirus is mediocre at best.
A couple articles that explain why, the articles are about 2 years apart, but the problem is the same, which shows that no progress has been made in 2 years as far as detection.

http://www.zdnet.com/news/major-anti...malware/320602
http://www.zdnet.com/blog/bott/why-m...54?tag=nl.e539


As far as the security center issue, it looks like you're using Windows 7 which doesn't have security center (it has the Action Center, is that what you meant?), what exactly isn't working? Also check that Windows update hasn't been disabled as well.
 
Old 12-20-2011, 11:11 AM
 
28,673 posts, read 40,851,780 times
Reputation: 37401
To everyone recommending to the OP that they use Malwarebytes: Reread the OP.
 
Old 12-20-2011, 07:09 PM
 
Location: Jacksonville, FL
7,401 posts, read 8,061,931 times
Reputation: 5976
Quote:
Originally Posted by NHDave View Post
That's not at all out of the ordinary, almost all the infected PCs I get in my shop are running current AV apps when the infection occurs. Today's antivirus is mediocre at best.
A couple articles that explain why, the articles are about 2 years apart, but the problem is the same, which shows that no progress has been made in 2 years as far as detection.

Major antivirus engines failing to detect malware - ZDNet
Why malware networks are beating antivirus software | ZDNet


As far as the security center issue, it looks like you're using Windows 7 which doesn't have security center (it has the Action Center, is that what you meant?), what exactly isn't working? Also check that Windows update hasn't been disabled as well.
Actually, running Vista on the laptop. I've got the security center back, but still tracking down an issue that keeps me from turning on networking. When I try to turn network discovery on, I get the "service is not an installed service" message (not the exact wording, but I figured you'd know what I mean). I'll beat it eventually, just got to dig through the registry and find the bad keys.

Already did a scan of the repository, no issues found.
Tried the MS Fixit programs, no help.
Tried Oldtimer's OLS, helped a bit, but still some issues.

If it were my desktop, I'd have already done a format and reinstall, but I'm a lot more diligent about backing up than the wife is, and she's got around 7 gig of data (music, pictures, and video) on a laptop that has a burnt-out dvd-writer. Without the ability to network, I'm kind of stuck with getting it back in working order - at least long enough to transfer files to my desktop so I can wipe and redo her lappie.
 
Old 12-20-2011, 07:13 PM
 
10,764 posts, read 18,121,609 times
Reputation: 10256
Do you have an actual Vista DVD? If so, stick it in, run Command Prompt as administrator, and type

sfc /scannow

This will scan for and replace missing/corrupt system files, I've found it usually takes care of the networking issue after cleaning this type of infection.