Infected with XP Total Security 2011 virus. Help!

Hi, I clicked on a Google search results link (with a green WOT button!) and was hit with this XP Total Security 2011 virus which mimics the XP security alerts and offers to fix. No, I didn't fall for this. Knew immediately that it was a scam. I was in the midst of scanning my second drive and Eset Security did not stop the intrusion. My Malwarebytes is blocked from opening and everytime I try to end the process of this virus in Taskmanager it replicates twice over. My taskbar now has a dozen fake microsoft security shields from trying to close the damn thing down with taskmanager. One p[ops up there and stays everytime I try to end the process in taskmanager.

I have fake XP Total Security 2011 warning messages popping up right left and centre. All I can do is close them with the top right X, but now have one offering to do a security scan that doesn't have the X just a Yes or No button. Not game to touch it.

Need a fix fast and really want to lnow why my Eset security did not prevent this infection?

Currently running another scan Eset on my C drive and it's telling me everything is just fine even though it's gone through scanning Firefox which must have the offending virus in its cache.

I need help fast.

TIA.

Dale

 

A good place to start:
http://www.bleepingcomputer.com/virus-removal/remove-win-7-internet-security-2011

These infections are constantly changing making detection difficult for AVs.

 

Go to your Malwarebytes program folder. Copy mbam.exe and paste into the same directory, then rename the copy to mab.com, it that doesn't run then try renaming to iexplore.exe

If you get MBAM running, it should have no problem removing this rogue.

 

Thanks for the quick replies. It's sorta fixed.

I went to the suggested page at Bleeping Computer and was unable to print out the instructions or even cut and paste them to a Word doc and print from that. Bit the bullet and downloaded this: -http://download.bleepingcomputer.com/reg/FixNCR.reg

Took a punt and ran it and then tried again to start Malwarebytes and it ran and cleaned out 3 infections. (I'd just run it last night and it had found 5 Trojans which Eset had also not blocked!) Had to reboot and am left with a Windows XP security alert shield in the taskbar which tells me the Firewall and Virus protection is on and the Auto update is off. On going to System settings, I find the reverse is true in all cases. Any idea how I get rid of this Alert?

AAAGH! I just went to Taskmanager to shut it down and the rotten thing has replicated itself so it looks as if I've only partially got rid of this #%^&# virus. Not getting constant popups now telling me its found 28 infections, or balloons telling me I have security problems.

I had not used Malwarebytes for years because my former security suite from Bitdefender did not play nicely with it, so I'd uninstalled. I dumped BD with months yet to run on a three year licence because it was a shocking resource hog and was crippling my computer. Bought Eset Smart Security 3 licences to replace it and now I wish I hadn't. I've lost all faith in it as my basic security.

Constant activity on my network indicator had me suspicious so I downloaded Malwarebytes again yesterday and ran it last night. Couldn't believe all those Trojans had got through Eset. I scan software proggies I download, prior to installing - I'm careful and in the four or five years I used Bitdefender I never had any trojan or virus infections. Plenty of alerts and quarantines, quite a few false positives, but no infections. Periodically I would download Malwarebytes and a couple of other malware detectors, turn off BD and check my system. Always clean. I'd uninstall them and turn BD back on. BD is a pig on your system and I hated it. Don't want to have anything to do with it ever again, but I did trust it. I now do not trust Eset Smart Security at all.

Why do we pay premium prices for this software that is offering virtually no protection either from the firewall or from the virus security? In the few months I've been using it I've only had two warnings from this security system and fourteen infections if you count malware. Can I get a refund and try another security suite? I'm thinking that even Microsoft's own free system security must be better!

 

Well, this is how it is. Also no product available is able to secure you to 100%

5 years ago I had BitDefender installed, and it let one Trojan through
Now I use ESS just as you, and I have never got infected.
And Yes, it is the lightest suite on the market.

But I understand your disappointment about ESET.
Though, I bet if you would have keep using BD and got infected, you would feel the exact same way about BD, as you do now about ESET.

My advice is that you keep ESET, and do weekly scans with Malwarebytes, and/or Hitman Pro. And maybe start using a DNS service such as OpenDNS.

Again remember, No product will secure you to 100%.
Even if you change vendor you can still get infected.

 

Thanks for the calming words Swex. I am frothing. Spent a whole day trying to get rid of this damn thing and it's still there.

Did another Malwarebytes scan and this virus showed up again lurking in the Sun Java Application data. Malwarebytes again got rid of it and I had to reboot and now it is back again. Obviously it is somewhere in my Startup folder but I can't find anything that shouldn't be there. The damn thing is concealed in another programme.

Does anyone have any suggestions for getting rid of it once and for all?

 

get help from experienced helpers from one of the sites listed
https://www.wilderssecurity.com/showpost.php?p=1533481&postcount=3

 

Still there you say? Hmmmm.....

Well, Download Dr.Web Cureit it's usually very good at getting rid of those "damn things" that keep popping up.

 

If Dr.Web Cureit does not get rid of it, try the Dr.Web LiveCD. Scanning/cleaning from a LiveCD may stop the Malware replication problem.

 

and in closing try to create sysinspector log and contact support
http://kb.eset.com/esetkb/index?page=content&id=SOLN2219